Количество 2
Количество 2
CVE-2020-15269
In Spree before versions 3.7.11, 4.0.4, or 4.1.11, expired user tokens could be used to access Storefront API v2 endpoints. The issue is patched in versions 3.7.11, 4.0.4 and 4.1.11. A workaround without upgrading is described in the linked advisory.
GHSA-f8cm-364f-q9qh
Ensure that doorkeeper_token is valid when authenticating requests in API v2 calls
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-15269 In Spree before versions 3.7.11, 4.0.4, or 4.1.11, expired user tokens could be used to access Storefront API v2 endpoints. The issue is patched in versions 3.7.11, 4.0.4 and 4.1.11. A workaround without upgrading is described in the linked advisory. | CVSS3: 7.4 | 0% Низкий | больше 5 лет назад |
| GHSA-f8cm-364f-q9qh Ensure that doorkeeper_token is valid when authenticating requests in API v2 calls | CVSS3: 7.4 | 0% Низкий | больше 5 лет назад |
Уязвимостей на страницу