GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
10 advisories
Potential for Script Injection in syntax-error
High
CVE-2014-7192
was published
for
syntax-error
(npm)
Oct 24, 2017
@ianwalter/merge Prototype Pollution via `merge` function
Moderate
CVE-2021-23397
was published
for
@ianwalter/merge
(npm)
Jul 26, 2022
Prototype Pollution in dot-object
Moderate
CVE-2019-10793
was published
for
dot-object
(npm)
Feb 9, 2022
Prototype Pollution in undefsafe
Moderate
CVE-2019-10795
was published
for
undefsafe
(npm)
Feb 9, 2022
Command Injection in compass-compile
Critical
CVE-2020-7635
was published
for
compass-compile
(npm)
Dec 9, 2021
Denial of Service vulnerability with large JSON payloads in fastify
High
CVE-2018-3711
was published
for
fastify
(npm)
Jul 18, 2018
follow-redirects' Proxy-Authorization header kept across hosts
Moderate
CVE-2024-28849
was published
for
follow-redirects
(npm)
Mar 14, 2024
@sveltejs/kit vulnerable to XSS on dev mode 404 page
Low
CVE-2024-53261
was published
for
@sveltejs/kit
(npm)
Nov 25, 2024
Denial of Service Vulnerability in ActiveRecord's PostgreSQL adapter
High
CVE-2022-44566
was published
for
activerecord
(RubyGems)
Jan 18, 2023
ProTip!
Advisories are also available from the
GraphQL API