Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

412 advisories

Loading
Prototype Pollution in immer High
CVE-2021-3757 was published for immer (npm) Sep 7, 2021
levpachmanov
deep-defaults vulnerable to prototype pollution Critical
CVE-2021-25944 was published for deep-defaults (npm) May 24, 2022
thlorenz browserify-shim vulnerable to prototype pollution Critical
CVE-2022-37617 was published for browserify-shim (npm) Oct 12, 2022
thlorenz browserify-shim vulnerable to prototype pollution Critical
CVE-2022-37621 was published for browserify-shim (npm) Oct 29, 2022
thlorenz browserify-shim vulnerable to prototype pollution Critical
CVE-2022-37623 was published for browserify-shim (npm) Oct 31, 2022
Mongoose Vulnerable to Prototype Pollution in Schema Object Critical
CVE-2022-24304 was published for mongoose (npm) Aug 27, 2022
tschaub gh-pages vulnerable to prototype pollution Critical
CVE-2022-37611 was published for gh-pages (npm) Oct 12, 2022
mootools-more vulnerable to prototype pollution High
CVE-2021-20088 was published for mootools-more (npm) May 24, 2022
Prototype pollution vulnerability in 'deep-set' Critical
CVE-2020-28276 was published for deep-set (npm) May 24, 2022
Prototype Pollution in lodash Moderate
CVE-2018-3721 was published for lodash (npm) Jul 26, 2018
Prototype Pollution in lodash Critical
CVE-2019-10744 was published for lodash (npm) Jul 10, 2019
@andrei-tatar/nora-firebase-common Prototype Pollution vulnerability High
CVE-2024-30564 was published for @andrei-tatar/nora-firebase-common (npm) Apr 18, 2024
Prototype pollution in emit function Low
GHSA-82jv-9wjw-pqh6 was published for derby (npm) Apr 17, 2024
chluo1997
The Winters theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype... Moderate Unreviewed
CVE-2023-3962 was published Oct 20, 2023
flattenizer vulnerable to prototype pollution Critical
CVE-2020-28279 was published for flattenizer (npm) May 24, 2022
json-pointer vulnerable to Prototype Pollution Critical
CVE-2022-4742 was published for json-pointer (npm) Dec 26, 2022
The nsc theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype... Moderate Unreviewed
CVE-2023-3965 was published Oct 20, 2023
The Your Journey theme for WordPress is vulnerable to Reflected Cross-Site Scripting via... Moderate Unreviewed
CVE-2023-3933 was published Oct 20, 2023
The Popup by Supsystic WordPress plugin before 1.10.19 has a prototype pollution vulnerability... Critical Unreviewed
CVE-2023-3186 was published Jul 17, 2023
A prototype pollution vulnerability exists in Strikingly CMS which can result in reflected cross... Moderate Unreviewed
CVE-2023-2582 was published May 8, 2023
web3-utils Prototype Pollution vulnerability High
CVE-2024-21505 was published for web3-utils (npm) Mar 27, 2024
Duplicate Advisory: web3-utils Prototype Pollution vulnerability High
GHSA-87qp-7cw8-8q9c was published for web3-utils (npm) Mar 25, 2024 withdrawn
Cryptographic key vulnerability encoded in the FriendlyWrt firmware affecting version 2022-11-16... Moderate Unreviewed
CVE-2024-2495 was published Mar 15, 2024
xml2js is vulnerable to prototype pollution Moderate
CVE-2023-0842 was published for xml2js (npm) Apr 5, 2023
brokenedtzjs OIRNOIR
simonkrol Harrington-Joe_pfghub G-Rath
JSONata expression can pollute the "Object" prototype Critical
CVE-2024-27307 was published for jsonata (npm) Mar 4, 2024
AlbertSPedersen
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database