pkg:RubyGems/spree_api

共 3 筆 CVEHIGH1MEDIUM1

✅ 檢查你的版本

所有已知漏洞

  • HIGH7.7CVE-2020-26223Authorization bypass in Spree
    >= 3.7.0, < 3.7.13
  • MEDIUM6.5CVE-2026-22588Spree API has Authenticated Insecure Direct Object Reference (IDOR) via Order Modification
    >= 3.7.0, < 4.10.2
  • CVE-2026-25758Unauthenticated Spree Commerce users can access all guest addresses
    from 0, < 4.10.3