GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
167 advisories
Filter by severity
Prototype Pollution in Node-Red
High
CVE-2021-21297
was published
for
@node-red/runtime
(npm)
Feb 26, 2021
Dynamic modification of RPyC service due to missing security check
High
CVE-2019-16328
was published
for
rpyc
(pip)
Feb 17, 2021
datatables.net vulnerable to Prototype Pollution due to incomplete fix
High
CVE-2020-28458
was published
for
datatables.net
(npm)
Dec 17, 2020
ini before 1.3.6 vulnerable to Prototype Pollution via ini.parse
High
CVE-2020-7788
was published
for
ini
(npm)
Dec 10, 2020
Prototype Pollution in node-forge
High
CVE-2020-7720
was published
for
node-forge
(npm)
Sep 14, 2020
Prototype Pollution in safe-object2
High
GHSA-qccf-q7p4-3q3j
was published
for
safe-object2
(npm)
Sep 4, 2020
Prototype Pollution in getsetdeep
High
GHSA-8j49-49jq-vwcq
was published
for
getsetdeep
(npm)
Sep 4, 2020
Prototype Pollution in deep-setter
High
GHSA-9qrg-h9g8-c65q
was published
for
deep-setter
(npm)
Sep 4, 2020
Prototype Pollution in get-setter
High
GHSA-ch82-gqh6-9xj9
was published
for
get-setter
(npm)
Sep 4, 2020
Prototype Pollution in unflatten
High
GHSA-6fh5-8wq8-w3wr
was published
for
unflatten
(npm)
Sep 4, 2020
Prototype Pollution in flat-wrap
High
GHSA-g7h8-p22m-2rvx
was published
for
flat-wrap
(npm)
Sep 4, 2020
Prototype Pollution in handlebars
High
GHSA-g9r4-xpmj-mj65
was published
for
handlebars
(npm)
Sep 4, 2020
Prototype Pollution in lodash.mergewith
High
GHSA-779f-wgxg-qr8f
was published
for
lodash.mergewith
(npm)
Sep 3, 2020
Prototype Pollution in lodash.defaultsdeep
High
GHSA-46fh-8fc5-xcwx
was published
for
lodash.defaultsdeep
(npm)
Sep 3, 2020
Prototype Pollution in lodash.mergewith
High
GHSA-5947-m4fg-xhqg
was published
for
lodash.mergewith
(npm)
Sep 3, 2020
Prototype Pollution in lodash.defaultsdeep
High
GHSA-h5mp-5q4p-ggf5
was published
for
lodash.defaultsdeep
(npm)
Sep 3, 2020
Prototype Pollution in lodash.merge
High
GHSA-2m96-9w4j-wgv7
was published
for
lodash.merge
(npm)
Sep 3, 2020
ProTip!
Advisories are also available from the
GraphQL API