| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-31000 | CSRF allows attacker to finalize/unfinalize order adjustments in solidus_backend | solidusio | solidus | Low | 2.3 | 2022-06-01 17:25:11 | Deep Dive |
| CVE-2021-43846 | CSRF forgery protection bypass for Spree::OrdersController#populate | solidusio | solidus | Medium | 5.3 | 2021-12-20 21:30:11 | Deep Dive |
| CVE-2021-43805 | ReDos vulnerability on guest checkout email validation | solidusio | solidus | High | 7.5 | 2021-12-07 17:25:09 | Deep Dive |
| CVE-2021-41274 | Authentication Bypass by CSRF Weakness | solidusio | solidus_auth_devise | Critical | 9.3 | 2021-11-17 19:55:11 | Deep Dive |
| CVE-2020-15109 | Ability to change order address without triggering address validations in solidus | solidusio | solidus | Medium | 5.3 | 2020-08-04 23:00:16 | Deep Dive |