3.1.0
5 years ago
10 days ago
Known vulnerabilities in the @vendure/core package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
@vendure/core is an A modern, headless ecommerce framework Affected versions of this package are vulnerable to Improper Input Validation through the How to fix Improper Input Validation? Upgrade | <2.1.3 |
@vendure/core is an A modern, headless ecommerce framework Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) such that by default the How to fix Cross-site Request Forgery (CSRF)? Upgrade | <2.0.3 |