Vulnerabilities in vendure-ecommerce

2 results

CVE-2024-48914CRITICALVendure asset server plugin has local file read vulnerability with AssetServerPlugin & LocalAssetStorageStrategyEPSS 59.8%CVE-2022-23065MEDIUMVendure - XSS via SVG File UploadEPSS 0.6%