Vulnerabilities > Nebulab
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-01 | CVE-2022-31000 | Cross-Site Request Forgery (CSRF) vulnerability in Nebulab Solidus solidus_backend is the admin interface for the Solidus e-commerce framework. | 4.3 |
| 2021-12-20 | CVE-2021-43846 | Cross-Site Request Forgery (CSRF) vulnerability in Nebulab Solidus `solidus_frontend` is the cart and storefront for the Solidus e-commerce project. | 4.3 |
| 2021-12-07 | CVE-2021-43805 | Unspecified vulnerability in Nebulab Solidus Solidus is a free, open-source ecommerce platform built on Rails. | 5.0 |
| 2021-11-17 | CVE-2021-41274 | Cross-Site Request Forgery (CSRF) vulnerability in Nebulab Solidus Auth Devise solidus_auth_devise provides authentication services for the Solidus webstore framework, using the Devise gem. | 6.8 |
| 2020-08-04 | CVE-2020-15109 | Missing Authorization vulnerability in Nebulab Solidus In solidus before versions 2.8.6, 2.9.6, and 2.10.2, there is an bility to change order address without triggering address validations. | 5.0 |