Every CVE whose affected-product data names Nebulab Solidus, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2021-43805 — CVSS 7.5 (high): Solidus is a free, open-source ecommerce platform built on Rails. Versions of Solidus prior to 3.1.4, 3.0.4, and 2.11.13 have a denial of…
CVE-2020-15109 — CVSS 5.3 (medium): In solidus before versions 2.8.6, 2.9.6, and 2.10.2, there is an bility to change order address without triggering address validations…
CVE-2021-43846 — CVSS 5.3 (medium): `solidus_frontend` is the cart and storefront for the Solidus e-commerce project. Versions of `solidus_frontend` prior to 3.1.5, 3.0.5, and…
CVE-2022-31000 — CVSS 2.3 (low): solidus_backend is the admin interface for the Solidus e-commerce framework. Versions prior to 3.1.6, 3.0.6, and 2.11.16 contain a…