Latest version: v2.10.1
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| CVE-2022-39275 | 53540 |
Saleor 3.7.17, 3.6.18, 3.5.23, 3.4.24, 3.3.26, 3.2.14 and 3.1.24 incl… |
|
MEDIUM | 4.3 |
| CVE-2023-32694 | 64196 |
Saleor Core is a composable, headless commerce API. Saleor's `validat… |
|
MEDIUM | 5.4 |
| CVE-2024-29888 | 71943 |
Saleor is an e-commerce platform that serves high-volume companies. W… |
|
- | - |
| CVE-2023-26052 | 53529 |
Saleor 3.1.48, 3.7.59, 3.8.30, 3.9.27, 3.10.14 and 3.11.12 include a … |
|
MEDIUM | 5.3 |
| CVE-2023-26051 | 53528 |
Saleor 3.1.48, 3.7.59, 3.8.30, 3.9.27, 3.10.14 and 3.11.12 include a … |
|
MEDIUM | 4.3 |
| CVE-2019-13594 | 70563 |
In Mirumee Saleor 2.7.0 (fixed in 2.8.0), CSRF protection middleware … |
|
HIGH | 8.8 |
| CVE-2019-1010304 | 70594 |
Saleor Issue was introduced by merge commit: e1b01bad0703afd08d297ed3… |
|
MEDIUM | 5.3 |
| CVE-2020-15085 | 70595 |
In Saleor Storefront before version 2.10.3, request data used to auth… |
|
MEDIUM | 6.1 |
| CVE-2020-7964 | 54202 |
An issue was discovered in Mirumee Saleor 2.x before 2.9.1. Incorrect… |
|
MEDIUM | 5.3 |
| CVE-2022-0932 | 54411 |
Missing Authorization in GitHub repository saleor/saleor prior to 3.1… |
|
MEDIUM | 6.5 |