GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
154 advisories
Filter by severity
Prototype Pollution in deep-setter
High
GHSA-9qrg-h9g8-c65q
was published
for
deep-setter
(npm)
Sep 4, 2020
Prototype Pollution in get-setter
High
GHSA-ch82-gqh6-9xj9
was published
for
get-setter
(npm)
Sep 4, 2020
Prototype Pollution in unflatten
High
GHSA-6fh5-8wq8-w3wr
was published
for
unflatten
(npm)
Sep 4, 2020
Prototype Pollution in flat-wrap
High
GHSA-g7h8-p22m-2rvx
was published
for
flat-wrap
(npm)
Sep 4, 2020
Prototype Pollution in handlebars
High
GHSA-g9r4-xpmj-mj65
was published
for
handlebars
(npm)
Sep 4, 2020
Prototype Pollution in lodash.mergewith
High
GHSA-779f-wgxg-qr8f
was published
for
lodash.mergewith
(npm)
Sep 3, 2020
Prototype Pollution in lodash.defaultsdeep
High
GHSA-46fh-8fc5-xcwx
was published
for
lodash.defaultsdeep
(npm)
Sep 3, 2020
Prototype Pollution in lodash.mergewith
High
GHSA-5947-m4fg-xhqg
was published
for
lodash.mergewith
(npm)
Sep 3, 2020
Prototype Pollution in lodash.defaultsdeep
High
GHSA-h5mp-5q4p-ggf5
was published
for
lodash.defaultsdeep
(npm)
Sep 3, 2020
Prototype Pollution in lodash.merge
High
GHSA-2m96-9w4j-wgv7
was published
for
lodash.merge
(npm)
Sep 3, 2020
Prototype Pollution in lodash.merge
High
GHSA-h726-x36v-rx45
was published
for
lodash.merge
(npm)
Sep 3, 2020
Prototype Pollution in @commercial/subtext
High
GHSA-36c4-4r89-6whg
was published
for
@commercial/subtext
(npm)
Sep 3, 2020
Prototype Pollution in @hapi/subtext
High
GHSA-g9cg-h3jm-cwrc
was published
for
@hapi/subtext
(npm)
Sep 3, 2020
dot-prop Prototype Pollution vulnerability
High
CVE-2020-8116
was published
for
dot-prop
(npm)
Jul 29, 2020
Class destructors causing side-effects when being unserialized in TYPO3 CMS
High
CVE-2020-11066
was published
for
typo3/cms
(Composer)
May 13, 2020
Phar object injection in PHPMailer
High
CVE-2018-19296
was published
for
phpmailer/phpmailer
(Composer)
Mar 5, 2020
assign-deep Vulnerable to Prototype Pollution
High
CVE-2019-10745
was published
for
assign-deep
(npm)
Aug 21, 2019
Prototype Pollution in @apollo/gateway
High
GHSA-74cr-77xc-8g6r
was published
for
@apollo/gateway
(npm)
Jun 13, 2019
Prototype Pollution in querystringify
High
GHSA-hxcm-v35h-mg2x
was published
for
querystringify
(npm)
Jun 7, 2019
ProTip!
Advisories are also available from the
GraphQL API