GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,915
Maven
5,000+
npm
3,646
NuGet
638
pip
3,262
Pub
10
RubyGems
870
Rust
821
Swift
35
Unreviewed advisories
All unreviewed
5,000+
357 advisories
Filter by severity
Mongoose Prototype Pollution vulnerability
Critical
CVE-2023-3696
was published
for
mongoose
(npm)
Jul 17, 2023
protobufjs Prototype Pollution vulnerability
Critical
CVE-2023-36665
was published
for
protobufjs
(npm)
Jul 5, 2023
tough-cookie Prototype Pollution vulnerability
Moderate
CVE-2023-26136
was published
for
tough-cookie
(npm)
Jul 1, 2023
Parse Server vulnerable to remote code execution via MongoDB BSON parser through prototype pollution
Critical
CVE-2023-36475
was published
for
parse-server
(npm)
Jun 30, 2023
flatnest Prototype Pollution vulnerability
High
CVE-2023-26135
was published
for
flatnest
(npm)
Jun 30, 2023
fast-xml-parser vulnerable to Prototype Pollution through tag or attribute name
Moderate
CVE-2023-26920
was published
for
fast-xml-parser
(npm)
Jun 13, 2023
progressbar.js vulnerable to Prototype Pollution
High
CVE-2023-26133
was published
for
progressbar.js
(npm)
Jun 12, 2023
dottie vulnerable to Prototype Pollution
High
CVE-2023-26132
was published
for
dottie
(npm)
Jun 10, 2023
antfu/utils vulnerable to prototype pollution
Moderate
CVE-2023-2972
was published
for
@antfu/utils
(npm)
May 30, 2023
Possible prototype pollution in metadata record, when using meta decorator
Low
CVE-2023-30857
was published
for
@aedart/support
(npm)
May 1, 2023
Prototype Pollution in vConsole
Critical
CVE-2023-30363
was published
for
vconsole
(npm)
Apr 26, 2023
safe-eval vulnerable to Sandbox Bypass due to improper input sanitization
Critical
CVE-2023-26122
was published
for
safe-eval
(npm)
Apr 11, 2023
safe-eval vulnerable to Prototype Pollution via the safeEval function
Critical
CVE-2023-26121
was published
for
safe-eval
(npm)
Apr 11, 2023
xml2js is vulnerable to prototype pollution
Moderate
CVE-2023-0842
was published
for
xml2js
(npm)
Apr 5, 2023
Prototype pollution in matrix-js-sdk (part 2)
High
CVE-2023-28427
was published
for
matrix-js-sdk
(npm)
Mar 30, 2023
Prototype pollution in matrix-react-sdk
High
CVE-2023-28103
was published
for
matrix-react-sdk
(npm)
Mar 29, 2023
matrix-react-sdk Prototype pollution vulnerability
High
CVE-2022-36060
was published
for
matrix-react-sdk
(npm)
Mar 28, 2023
matrix-js-sdk Prototype Pollution vulnerability
High
CVE-2022-36059
was published
for
matrix-js-sdk
(npm)
Mar 28, 2023
Collection.js vulnerable to Prototype Pollution
High
CVE-2023-26113
was published
for
collection.js
(npm)
Mar 18, 2023
dot-lens vulnerable to Prototype Pollution
High
CVE-2023-26106
was published
for
dot-lens
(npm)
Mar 6, 2023
mde utilities contains Prototype Pollution
High
CVE-2023-26105
was published
for
utilities
(npm)
Feb 28, 2023
rangy vulnerable to Prototype Pollution
High
CVE-2023-26102
was published
for
rangy
(npm)
Feb 24, 2023
Baobab vulnerable to Prototype Pollution
Critical
CVE-2021-4307
was published
for
baobab
(npm)
Jan 7, 2023
Prototype Pollution in JSON5 via Parse Method
High
CVE-2022-46175
was published
for
json5
(npm)
Dec 29, 2022
ProTip!
Advisories are also available from the
GraphQL API