Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
Vendure
Funds programs for the Vendure developer community
Collective -
Host: opensource -
https://opencollective.com/vendure-ecommerce
- Website: https://www.vendure.io/
- Code: https://github.com/vendure-ecommerce
Critical
Ecosystems: npm
Packages: @vendure/asset-server-plugin
Source: github
Published: 3 days ago
vendure: GSA_kwCzR0hTQS1yOW1xLTNjOXItZm1qcc4ABARd
Vendure asset server plugin has local file read vulnerability with AssetServerPlugin & LocalAssetStorageStrategyEcosystems: npm
Packages: @vendure/asset-server-plugin
Source: github
Published: 3 days ago
Moderate
Ecosystems: npm
Packages: @vendure/core
Source: github
Published: 11 months ago
vendure: GSA_kwCzR0hTQS13bTYzLTc2MjctY2gzM84AA3P1
@vendure/core's insecure currencyCode handling allows wrong payment amountsEcosystems: npm
Packages: @vendure/core
Source: github
Published: 11 months ago
Low
Ecosystems: npm
Packages: @vendure/core
Source: github
Published: over 1 year ago
vendure: GSA_kwCzR0hTQS1oOXdxLXhjcXgtbXF4bc4AA0m0
Vendure Cross Site Request Forgery vulnerability impacting all API requestsEcosystems: npm
Packages: @vendure/core
Source: github
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: @vendure/admin-ui-plugin
Source: github
Published: over 1 year ago
vendure: GSA_kwCzR0hTQS1nbTY4LTU3MnAtcTI4cs4AA0Q9
@vendure/admin-ui-plugin authenticated Cross-site Scripting vulnerabilityEcosystems: npm
Packages: @vendure/admin-ui-plugin
Source: github
Published: over 1 year ago