Ecosyste.ms: OpenCollective
An open API service for software projects hosted on Open Collective.
github.com/vendure-ecommerce/vendure
The commerce platform with customization in its DNA.
https://github.com/vendure-ecommerce/vendure
Critical
Ecosystems: npm
Packages: @vendure/asset-server-plugin
Source: github
Published: 2 months ago
GSA_kwCzR0hTQS1yOW1xLTNjOXItZm1qcc4ABARd
Vendure asset server plugin has local file read vulnerability with AssetServerPlugin & LocalAssetStorageStrategyEcosystems: npm
Packages: @vendure/asset-server-plugin
Source: github
Published: 2 months ago
Moderate
Ecosystems: npm
Packages: @vendure/core
Source: github
Published: about 1 year ago
GSA_kwCzR0hTQS13bTYzLTc2MjctY2gzM84AA3P1
@vendure/core's insecure currencyCode handling allows wrong payment amountsEcosystems: npm
Packages: @vendure/core
Source: github
Published: about 1 year ago
Low
Ecosystems: npm
Packages: @vendure/core
Source: github
Published: over 1 year ago
GSA_kwCzR0hTQS1oOXdxLXhjcXgtbXF4bc4AA0m0
Vendure Cross Site Request Forgery vulnerability impacting all API requestsEcosystems: npm
Packages: @vendure/core
Source: github
Published: over 1 year ago
Moderate
Ecosystems: npm
Packages: @vendure/admin-ui-plugin
Source: github
Published: over 1 year ago
GSA_kwCzR0hTQS1nbTY4LTU3MnAtcTI4cs4AA0Q9
@vendure/admin-ui-plugin authenticated Cross-site Scripting vulnerabilityEcosystems: npm
Packages: @vendure/admin-ui-plugin
Source: github
Published: over 1 year ago