exploitDog

GHSA-m83v-mmqj-7jrm

Опубликовано: 16 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 3.5

Описание

nopCommerce before 4.80.0 does not offer locking for order placement. Thus there is a race condition with duplicate redeeming of gift cards.

nopCommerce before 4.80.0 does not offer locking for order placement. Thus there is a race condition with duplicate redeeming of gift cards.

Ссылки

EPSS

Процентиль: 15%

0.00049

Низкий

3.5 Low

CVSS3

CVE ID

Дефекты

CWE-362

Связанные уязвимости

CVE-2024-58248

CVSS3: 3.5

nvd

10 месяцев назад

nopCommerce through 4.90.1 does not offer locking for order placement. Thus there is a race condition with duplicate redeeming of gift cards.

EPSS

Процентиль: 15%

0.00049

Низкий

3.5 Low

CVSS3

CVE ID

Дефекты

CWE-362