Every CVE whose affected-product data names Oroinc Orocommerce, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-31037 — CVSS 6.9 (medium): OroCommerce is an open-source Business to Business Commerce application. Versions between 4.1.0 and 4.1.17 inclusive, 4.2.0 and 4.2.11…
CVE-2022-35950 — CVSS 6.9 (medium): OroCommerce is an open-source Business to Business Commerce application. In versions 4.1.0 through 4.1.13, 4.2.0 through 4.2.10, 5.0.0…
CVE-2023-32065 — CVSS 5.8 (medium): OroCommerce is an open-source Business to Business Commerce application built with flexibility in mind. Detailed Order totals information…
CVE-2023-32064 — CVSS 5.0 (medium): OroCommerce package with customer portal and non authenticated visitor website base features. Back-office users can access information…