Search criteria
18 vulnerabilities found for saleor by saleor
CVE-2025-58442 (GCVE-0-2025-58442)
Vulnerability from nvd – Published: 2025-09-09 19:46 – Updated: 2025-09-10 13:50
VLAI?
Title
Saleor has user enumeration vulnerability due to different error messages
Summary
Saleor is an e-commerce platform. Starting in version 3.21.0 and prior to version 3.21.16, requesting certain fields in the response of `accountRegister` may result in errors that could unintentionally reveal whether a user with the provided email already exists in Saleor. Version 3.21.16 fixes the issue. As a workaround, rate-limit the mutation to reduce the impact.
Severity ?
5.3 (Medium)
CWE
- CWE-204 - Observable Response Discrepancy
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58442",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-10T13:50:34.635633Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-10T13:50:40.777Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "saleor",
"vendor": "saleor",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.21.0, \u003c 3.21.16"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Saleor is an e-commerce platform. Starting in version 3.21.0 and prior to version 3.21.16, requesting certain fields in the response of `accountRegister` may result in errors that could unintentionally reveal whether a user with the provided email already exists in Saleor. Version 3.21.16 fixes the issue. As a workaround, rate-limit the mutation to reduce the impact."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-204",
"description": "CWE-204: Observable Response Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T19:46:45.798Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-8w67-mfm5-fwx5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-8w67-mfm5-fwx5"
},
{
"name": "https://github.com/saleor/saleor/commit/09d671e91ea53a44352d5f685083dc05a2f55e95",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/09d671e91ea53a44352d5f685083dc05a2f55e95"
},
{
"name": "https://github.com/saleor/saleor/commit/b35783838e51cfc118e07d632f64b01bc3a2c4bb",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/b35783838e51cfc118e07d632f64b01bc3a2c4bb"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.21.16",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.21.16"
}
],
"source": {
"advisory": "GHSA-8w67-mfm5-fwx5",
"discovery": "UNKNOWN"
},
"title": "Saleor has user enumeration vulnerability due to different error messages"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-58442",
"datePublished": "2025-09-09T19:46:45.798Z",
"dateReserved": "2025-09-01T20:03:06.532Z",
"dateUpdated": "2025-09-10T13:50:40.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31205 (GCVE-0-2024-31205)
Vulnerability from nvd – Published: 2024-04-08 14:26 – Updated: 2024-08-02 01:46
VLAI?
Title
Saleor CSRF bypass in refreshToken mutation
Summary
Saleor is an e-commerce platform. Starting in version 3.10.0 and prior to versions 3.14.64, 3.15.39, 3.16.39, 3.17.35, 3.18.31, and 3.19.19, an attacker may bypass cross-set request forgery (CSRF) validation when calling refresh token mutation with empty string. When a user provides an empty string in `refreshToken` mutation, while the token persists in `JWT_REFRESH_TOKEN_COOKIE_NAME` cookie, application omits validation against CSRF token and returns valid access token. Versions 3.14.64, 3.15.39, 3.16.39, 3.17.35, 3.18.31, and 3.19.19 contain a patch for the issue. As a workaround, one may replace `saleor.graphql.account.mutations.authentication.refresh_token.py.get_refresh_token`. This will fix the issue, but be aware, that it returns `JWT_MISSING_TOKEN` instead of `JWT_INVALID_TOKEN`.
Severity ?
4.2 (Medium)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31205",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T15:46:25.741486Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:37:18.826Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:46:04.600Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-ff69-fwjf-3c9w",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-ff69-fwjf-3c9w"
},
{
"name": "https://github.com/saleor/saleor/commit/36699c6f5c99590d24f46e3d5c5b1a3c2fd072e7",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/36699c6f5c99590d24f46e3d5c5b1a3c2fd072e7"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "saleor",
"vendor": "saleor",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.10.0, \u003c 3.14.64"
},
{
"status": "affected",
"version": "\u003e= 3.15.0, \u003c 3.15.39"
},
{
"status": "affected",
"version": "\u003e= 3.16.0, \u003c 3.16.39"
},
{
"status": "affected",
"version": "\u003e= 3.17.0, \u003c 3.17.35"
},
{
"status": "affected",
"version": "\u003e= 3.18.0, \u003c 3.18.31"
},
{
"status": "affected",
"version": "\u003e= 3.19.0, \u003c 3.19.19"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Saleor is an e-commerce platform. Starting in version 3.10.0 and prior to versions 3.14.64, 3.15.39, 3.16.39, 3.17.35, 3.18.31, and 3.19.19, an attacker may bypass cross-set request forgery (CSRF) validation when calling refresh token mutation with empty string. When a user provides an empty string in `refreshToken` mutation, while the token persists in `JWT_REFRESH_TOKEN_COOKIE_NAME` cookie, application omits validation against CSRF token and returns valid access token. Versions 3.14.64, 3.15.39, 3.16.39, 3.17.35, 3.18.31, and 3.19.19 contain a patch for the issue. As a workaround, one may replace `saleor.graphql.account.mutations.authentication.refresh_token.py.get_refresh_token`. This will fix the issue, but be aware, that it returns `JWT_MISSING_TOKEN` instead of `JWT_INVALID_TOKEN`.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352: Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T14:26:30.971Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-ff69-fwjf-3c9w",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-ff69-fwjf-3c9w"
},
{
"name": "https://github.com/saleor/saleor/commit/36699c6f5c99590d24f46e3d5c5b1a3c2fd072e7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/36699c6f5c99590d24f46e3d5c5b1a3c2fd072e7"
}
],
"source": {
"advisory": "GHSA-ff69-fwjf-3c9w",
"discovery": "UNKNOWN"
},
"title": "Saleor CSRF bypass in refreshToken mutation"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-31205",
"datePublished": "2024-04-08T14:26:30.971Z",
"dateReserved": "2024-03-29T14:16:31.899Z",
"dateUpdated": "2024-08-02T01:46:04.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29888 (GCVE-0-2024-29888)
Vulnerability from nvd – Published: 2024-03-27 18:53 – Updated: 2024-08-02 01:17
VLAI?
Title
Saleor vulnerable to customers addresses leak when using Warehouse as a `Pickup: Local stock only` delivery method
Summary
Saleor is an e-commerce platform that serves high-volume companies. When using `Pickup: Local stock only` click-and-collect as a delivery method in specific conditions the customer could overwrite the warehouse address with its own, which exposes its address as click-and-collect address. This issue has been patched in versions: `3.14.61`, `3.15.37`, `3.16.34`, `3.17.32`, `3.18.28`, `3.19.15`.
Severity ?
4.2 (Medium)
CWE
- CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29888",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-27T19:54:53.329148Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:21:18.651Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:17:58.440Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-mrj3-f2h4-7w45",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-mrj3-f2h4-7w45"
},
{
"name": "https://github.com/saleor/saleor/pull/15694",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/pull/15694"
},
{
"name": "https://github.com/saleor/saleor/pull/15697",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/pull/15697"
},
{
"name": "https://github.com/saleor/saleor/commit/22a1aa3ef0bc54156405f69146788016a7f3f761",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/22a1aa3ef0bc54156405f69146788016a7f3f761"
},
{
"name": "https://github.com/saleor/saleor/commit/39abb0f4e4fe6503f81bfbb871227e4f70bcdd5c",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/39abb0f4e4fe6503f81bfbb871227e4f70bcdd5c"
},
{
"name": "https://github.com/saleor/saleor/commit/47cedfd7d6524d79bdb04708edcdbb235874de6b",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/47cedfd7d6524d79bdb04708edcdbb235874de6b"
},
{
"name": "https://github.com/saleor/saleor/commit/997f7ea4f576543ec88679a86bfe1b14f7f2ff26",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/997f7ea4f576543ec88679a86bfe1b14f7f2ff26"
},
{
"name": "https://github.com/saleor/saleor/commit/b7cecda8b603f7472790150bb4508c7b655946d4",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/b7cecda8b603f7472790150bb4508c7b655946d4"
},
{
"name": "https://github.com/saleor/saleor/commit/d8ba545c16ad3153febc5b5be8fd2ef75da9fc95",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/d8ba545c16ad3153febc5b5be8fd2ef75da9fc95"
},
{
"name": "https://github.com/saleor/saleor/commit/dccc2c842b4e2e09470929c80f07dc137e439182",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/dccc2c842b4e2e09470929c80f07dc137e439182"
},
{
"name": "https://github.com/saleor/saleor/commit/ef003c76a304c89ddb2dc65b7f1d5b3b2ba1c640",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/ef003c76a304c89ddb2dc65b7f1d5b3b2ba1c640"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "saleor",
"vendor": "saleor",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.14.56, \u003c 3.14.61"
},
{
"status": "affected",
"version": "\u003e= 3.15.31, \u003c 3.15.37"
},
{
"status": "affected",
"version": "\u003e= 3.16.27, \u003c 3.16.34"
},
{
"status": "affected",
"version": "\u003e= 3.17.25, \u003c 3.17.32"
},
{
"status": "affected",
"version": "\u003e= 3.18.19, \u003c 3.18.28"
},
{
"status": "affected",
"version": "\u003e= 3.19.5, \u003c 3.19.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Saleor is an e-commerce platform that serves high-volume companies. When using `Pickup: Local stock only` click-and-collect as a delivery method in specific conditions the customer could overwrite the warehouse address with its own, which exposes its address as click-and-collect address. This issue has been patched in versions: `3.14.61`, `3.15.37`, `3.16.34`, `3.17.32`, `3.18.28`, `3.19.15`."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-359",
"description": "CWE-359: Exposure of Private Personal Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-27T18:53:44.698Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-mrj3-f2h4-7w45",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-mrj3-f2h4-7w45"
},
{
"name": "https://github.com/saleor/saleor/pull/15694",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/pull/15694"
},
{
"name": "https://github.com/saleor/saleor/pull/15697",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/pull/15697"
},
{
"name": "https://github.com/saleor/saleor/commit/22a1aa3ef0bc54156405f69146788016a7f3f761",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/22a1aa3ef0bc54156405f69146788016a7f3f761"
},
{
"name": "https://github.com/saleor/saleor/commit/39abb0f4e4fe6503f81bfbb871227e4f70bcdd5c",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/39abb0f4e4fe6503f81bfbb871227e4f70bcdd5c"
},
{
"name": "https://github.com/saleor/saleor/commit/47cedfd7d6524d79bdb04708edcdbb235874de6b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/47cedfd7d6524d79bdb04708edcdbb235874de6b"
},
{
"name": "https://github.com/saleor/saleor/commit/997f7ea4f576543ec88679a86bfe1b14f7f2ff26",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/997f7ea4f576543ec88679a86bfe1b14f7f2ff26"
},
{
"name": "https://github.com/saleor/saleor/commit/b7cecda8b603f7472790150bb4508c7b655946d4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/b7cecda8b603f7472790150bb4508c7b655946d4"
},
{
"name": "https://github.com/saleor/saleor/commit/d8ba545c16ad3153febc5b5be8fd2ef75da9fc95",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/d8ba545c16ad3153febc5b5be8fd2ef75da9fc95"
},
{
"name": "https://github.com/saleor/saleor/commit/dccc2c842b4e2e09470929c80f07dc137e439182",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/dccc2c842b4e2e09470929c80f07dc137e439182"
},
{
"name": "https://github.com/saleor/saleor/commit/ef003c76a304c89ddb2dc65b7f1d5b3b2ba1c640",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/ef003c76a304c89ddb2dc65b7f1d5b3b2ba1c640"
}
],
"source": {
"advisory": "GHSA-mrj3-f2h4-7w45",
"discovery": "UNKNOWN"
},
"title": "Saleor vulnerable to customers addresses leak when using Warehouse as a `Pickup: Local stock only` delivery method"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-29888",
"datePublished": "2024-03-27T18:53:44.698Z",
"dateReserved": "2024-03-21T15:12:08.997Z",
"dateUpdated": "2024-08-02T01:17:58.440Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32694 (GCVE-0-2023-32694)
Vulnerability from nvd – Published: 2023-05-25 14:29 – Updated: 2025-01-16 19:21
VLAI?
Title
Non-constant time HMAC comparison in Adyen plugin in Saleor
Summary
Saleor Core is a composable, headless commerce API. Saleor's `validate_hmac_signature` function is vulnerable to timing attacks. Malicious users could abuse this vulnerability on Saleor deployments having the Adyen plugin enabled in order to determine the secret key and forge fake events, this could affect the database integrity such as marking an order as paid when it is not. This issue has been patched in versions 3.7.68, 3.8.40, 3.9.49, 3.10.36, 3.11.35, 3.12.25, and 3.13.16.
Severity ?
4.8 (Medium)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:36.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-3rqj-9v87-2x3f",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-3rqj-9v87-2x3f"
},
{
"name": "https://github.com/saleor/saleor/commit/1328274e1a3d04ab87d7daee90229ff47b3bc35e",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/1328274e1a3d04ab87d7daee90229ff47b3bc35e"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32694",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T19:21:44.207892Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T19:21:54.740Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "saleor",
"vendor": "saleor",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.11.0, \u003c 3.7.68"
},
{
"status": "affected",
"version": "\u003e= 3.8.0, \u003c 3.8.40"
},
{
"status": "affected",
"version": "\u003e= 3.9.0, \u003c 3.9.49"
},
{
"status": "affected",
"version": "\u003e= 3.10.0, \u003c 3.10.36"
},
{
"status": "affected",
"version": "\u003e= 3.11.0, \u003c 3.11.35"
},
{
"status": "affected",
"version": "\u003e= 3.12.0, \u003c 3.12.25"
},
{
"status": "affected",
"version": "\u003e= 3.13.0, \u003c 3.13.16"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Saleor Core is a composable, headless commerce API. Saleor\u0027s `validate_hmac_signature` function is vulnerable to timing attacks. Malicious users could abuse this vulnerability on Saleor deployments having the Adyen plugin enabled in order to determine the secret key and forge fake events, this could affect the database integrity such as marking an order as paid when it is not. This issue has been patched in versions 3.7.68, 3.8.40, 3.9.49, 3.10.36, 3.11.35, 3.12.25, and 3.13.16."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203: Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-208",
"description": "CWE-208: Observable Timing Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-25T14:29:10.217Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-3rqj-9v87-2x3f",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-3rqj-9v87-2x3f"
},
{
"name": "https://github.com/saleor/saleor/commit/1328274e1a3d04ab87d7daee90229ff47b3bc35e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/1328274e1a3d04ab87d7daee90229ff47b3bc35e"
}
],
"source": {
"advisory": "GHSA-3rqj-9v87-2x3f",
"discovery": "UNKNOWN"
},
"title": "Non-constant time HMAC comparison in Adyen plugin in Saleor"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-32694",
"datePublished": "2023-05-25T14:29:10.217Z",
"dateReserved": "2023-05-11T16:33:45.733Z",
"dateUpdated": "2025-01-16T19:21:54.740Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26052 (GCVE-0-2023-26052)
Vulnerability from nvd – Published: 2023-03-02 18:54 – Updated: 2025-03-05 16:10
VLAI?
Title
Saleor is vulnerable to unauthenticated information disclosure via Python exceptions
Summary
Saleor is a headless, GraphQL commerce platform delivering personalized shopping experiences. Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like infrastructure details in unauthenticated requests. This issue has been patched in versions 3.1.48, 3.7.59, 3.8.0, 3.9.27, 3.10.14 and 3.11.12.
Severity ?
CWE
- CWE-209 - Generation of Error Message Containing Sensitive Information
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:06.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-3hvj-3cg9-v242",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-3hvj-3cg9-v242"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.1.48",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.1.48"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.10.14",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.10.14"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.11.12",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.11.12"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.7.59",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.7.59"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.8.30",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.8.30"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.9.27",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.9.27"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26052",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T16:10:39.389638Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T16:10:59.226Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "saleor",
"vendor": "saleor",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.0.0, \u003c 3.1.48"
},
{
"status": "affected",
"version": "\u003e= 3.11.0, \u003c 3.11.12"
},
{
"status": "affected",
"version": "\u003e= 3.10.0, \u003c 3.10.14"
},
{
"status": "affected",
"version": "\u003e= 3.9.0, \u003c 3.9.27"
},
{
"status": "affected",
"version": "\u003e= 3.8.0, \u003c 3.8.30"
},
{
"status": "affected",
"version": "\u003e= 3.7.0, \u003c 3.7.59"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Saleor is a headless, GraphQL commerce platform delivering personalized shopping experiences. Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like infrastructure details in unauthenticated requests. This issue has been patched in versions 3.1.48, 3.7.59, 3.8.0, 3.9.27, 3.10.14 and 3.11.12. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "CWE-209: Generation of Error Message Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-02T18:54:33.030Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-3hvj-3cg9-v242",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-3hvj-3cg9-v242"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.1.48",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.1.48"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.10.14",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.10.14"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.11.12",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.11.12"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.7.59",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.7.59"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.8.30",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.8.30"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.9.27",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.9.27"
}
],
"source": {
"advisory": "GHSA-3hvj-3cg9-v242",
"discovery": "UNKNOWN"
},
"title": "Saleor is vulnerable to unauthenticated information disclosure via Python exceptions"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-26052",
"datePublished": "2023-03-02T18:54:33.030Z",
"dateReserved": "2023-02-17T22:44:03.150Z",
"dateUpdated": "2025-03-05T16:10:59.226Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26051 (GCVE-0-2023-26051)
Vulnerability from nvd – Published: 2023-03-02 18:29 – Updated: 2025-03-05 20:41
VLAI?
Title
Saleor is vulnerable to staff-authenticated error message information disclosure vulnerability via Python exceptions
Summary
Saleor is a headless, GraphQL commerce platform delivering personalized shopping experiences. Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like user email address in staff-authenticated requests.
Severity ?
6.5 (Medium)
CWE
- CWE-209 - Generation of Error Message Containing Sensitive Information
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:06.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-r8qr-wwg3-2r85",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-r8qr-wwg3-2r85"
},
{
"name": "https://github.com/saleor/saleor/commit/31bce881ccccf0d79a9b14ecb6ca3138d1edeec1",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/31bce881ccccf0d79a9b14ecb6ca3138d1edeec1"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.1.48",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.1.48"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.10.14",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.10.14"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.11.12",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.11.12"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.7.59",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.7.59"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.8.30",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.8.30"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.9.27",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.9.27"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26051",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T20:41:09.751361Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T20:41:26.937Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "saleor",
"vendor": "saleor",
"versions": [
{
"status": "affected",
"version": " \u003e= 2.0.0, \u003c 3.1.48"
},
{
"status": "affected",
"version": "\u003e= 3.11.0, \u003c 3.11.12"
},
{
"status": "affected",
"version": "\u003e= 3.10.0, \u003c 3.10.14"
},
{
"status": "affected",
"version": "\u003e= 3.9.0, \u003c 3.9.27"
},
{
"status": "affected",
"version": "\u003e= 3.8.0, \u003c 3.8.30"
},
{
"status": "affected",
"version": "\u003e= 3.7.0, \u003c 3.7.59"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Saleor is a headless, GraphQL commerce platform delivering personalized shopping experiences. Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like user email address in staff-authenticated requests.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "CWE-209: Generation of Error Message Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-02T18:29:48.611Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-r8qr-wwg3-2r85",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-r8qr-wwg3-2r85"
},
{
"name": "https://github.com/saleor/saleor/commit/31bce881ccccf0d79a9b14ecb6ca3138d1edeec1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/31bce881ccccf0d79a9b14ecb6ca3138d1edeec1"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.1.48",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.1.48"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.10.14",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.10.14"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.11.12",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.11.12"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.7.59",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.7.59"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.8.30",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.8.30"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.9.27",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.9.27"
}
],
"source": {
"advisory": "GHSA-r8qr-wwg3-2r85",
"discovery": "UNKNOWN"
},
"title": "Saleor is vulnerable to staff-authenticated error message information disclosure vulnerability via Python exceptions"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-26051",
"datePublished": "2023-03-02T18:29:48.611Z",
"dateReserved": "2023-02-17T22:44:03.150Z",
"dateUpdated": "2025-03-05T20:41:26.937Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39275 (GCVE-0-2022-39275)
Vulnerability from nvd – Published: 2022-10-06 00:00 – Updated: 2025-04-23 16:52
VLAI?
Title
Improper object type validation in saleor
Summary
Saleor is a headless, GraphQL commerce platform. In affected versions some GraphQL mutations were not properly checking the ID type input which allowed to access database objects that the authenticated user may not be allowed to access. This vulnerability can be used to expose the following information: Estimating database row counts from tables with a sequential primary key or Exposing staff user and customer email addresses and full name through the `assignNavigation()` mutation. This issue has been patched in main and backported to multiple releases (3.7.17, 3.6.18, 3.5.23, 3.4.24, 3.3.26, 3.2.14, 3.1.24). Users are advised to upgrade. There are no known workarounds for this issue.
Severity ?
5.3 (Medium)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:00:43.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-xhq8-8c5v-w8ff"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/96e04c092ddcac17b14f2e31554aa02d9006d0ce"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-39275",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T15:50:19.505713Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:52:27.439Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "saleor",
"vendor": "saleor",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.0.0, \u003c 3.1.24"
},
{
"status": "affected",
"version": "\u003e= 3.2.0, \u003c 3.2.14"
},
{
"status": "affected",
"version": "\u003e= 3.3.0, \u003c 3.3.26"
},
{
"status": "affected",
"version": "\u003e= 3.4.0, \u003c 3.4.24"
},
{
"status": "affected",
"version": "\u003e= 3.5.0, \u003c 3.5.23"
},
{
"status": "affected",
"version": "\u003e= 3.6.0, \u003c 3.6.18"
},
{
"status": "affected",
"version": "\u003e= 3.7.0, \u003c 3.7.17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Saleor is a headless, GraphQL commerce platform. In affected versions some GraphQL mutations were not properly checking the ID type input which allowed to access database objects that the authenticated user may not be allowed to access. This vulnerability can be used to expose the following information: Estimating database row counts from tables with a sequential primary key or Exposing staff user and customer email addresses and full name through the `assignNavigation()` mutation. This issue has been patched in main and backported to multiple releases (3.7.17, 3.6.18, 3.5.23, 3.4.24, 3.3.26, 3.2.14, 3.1.24). Users are advised to upgrade. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-xhq8-8c5v-w8ff"
},
{
"url": "https://github.com/saleor/saleor/commit/96e04c092ddcac17b14f2e31554aa02d9006d0ce"
}
],
"source": {
"advisory": "GHSA-xhq8-8c5v-w8ff",
"discovery": "UNKNOWN"
},
"title": "Improper object type validation in saleor"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-39275",
"datePublished": "2022-10-06T00:00:00.000Z",
"dateReserved": "2022-09-02T00:00:00.000Z",
"dateUpdated": "2025-04-23T16:52:27.439Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0932 (GCVE-0-2022-0932)
Vulnerability from nvd – Published: 2022-03-11 00:00 – Updated: 2024-08-02 23:47
VLAI?
Title
Missing Authorization in saleor/saleor
Summary
Missing Authorization in GitHub repository saleor/saleor prior to 3.1.2.
Severity ?
6.5 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| saleor | saleor/saleor |
Affected:
unspecified , < 3.1.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:47:42.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/88ae4cbc-c697-401b-8b04-7dc4e03ad8eb"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/521dfd6394f3926a77c60d8633c058e16d0f916d"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "saleor/saleor",
"vendor": "saleor",
"versions": [
{
"lessThan": "3.1.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization in GitHub repository saleor/saleor prior to 3.1.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-29T00:00:00",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/88ae4cbc-c697-401b-8b04-7dc4e03ad8eb"
},
{
"url": "https://github.com/saleor/saleor/commit/521dfd6394f3926a77c60d8633c058e16d0f916d"
}
],
"source": {
"advisory": "88ae4cbc-c697-401b-8b04-7dc4e03ad8eb",
"discovery": "EXTERNAL"
},
"title": "Missing Authorization in saleor/saleor"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-0932",
"datePublished": "2022-03-11T00:00:00",
"dateReserved": "2022-03-11T00:00:00",
"dateUpdated": "2024-08-02T23:47:42.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1010304 (GCVE-0-2019-1010304)
Vulnerability from nvd – Published: 2019-07-15 14:45 – Updated: 2024-08-05 03:07
VLAI?
Summary
Saleor Issue was introduced by merge commit: e1b01bad0703afd08d297ed3f1f472248312cc9c. This commit was released as part of 2.0.0 release is affected by: Incorrect Access Control. The impact is: Important. The component is: ProductVariant type in GraphQL API. The attack vector is: Unauthenticated user can access the GraphQL API (which is by default publicly exposed under `/graphql/` URL) and fetch products data which may include admin-restricted shop's revenue data. The fixed version is: 2.3.1.
Severity ?
No CVSS data available.
CWE
- Incorrect Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:07:18.378Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mirumee/saleor/issues/3768"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Saleor",
"vendor": "Saleor",
"versions": [
{
"status": "affected",
"version": "Issue was introduced by merge commit: e1b01bad0703afd08d297ed3f1f472248312cc9c. This commit was released as part of 2.0.0 release [fixed: 2.3.1]"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Saleor Issue was introduced by merge commit: e1b01bad0703afd08d297ed3f1f472248312cc9c. This commit was released as part of 2.0.0 release is affected by: Incorrect Access Control. The impact is: Important. The component is: ProductVariant type in GraphQL API. The attack vector is: Unauthenticated user can access the GraphQL API (which is by default publicly exposed under `/graphql/` URL) and fetch products data which may include admin-restricted shop\u0027s revenue data. The fixed version is: 2.3.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Incorrect Access Control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-15T14:45:39",
"orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"shortName": "dwf"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mirumee/saleor/issues/3768"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010304",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Saleor",
"version": {
"version_data": [
{
"version_value": "Issue was introduced by merge commit: e1b01bad0703afd08d297ed3f1f472248312cc9c. This commit was released as part of 2.0.0 release [fixed: 2.3.1]"
}
]
}
}
]
},
"vendor_name": "Saleor"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Saleor Issue was introduced by merge commit: e1b01bad0703afd08d297ed3f1f472248312cc9c. This commit was released as part of 2.0.0 release is affected by: Incorrect Access Control. The impact is: Important. The component is: ProductVariant type in GraphQL API. The attack vector is: Unauthenticated user can access the GraphQL API (which is by default publicly exposed under `/graphql/` URL) and fetch products data which may include admin-restricted shop\u0027s revenue data. The fixed version is: 2.3.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/mirumee/saleor/issues/3768",
"refsource": "MISC",
"url": "https://github.com/mirumee/saleor/issues/3768"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"assignerShortName": "dwf",
"cveId": "CVE-2019-1010304",
"datePublished": "2019-07-15T14:45:39",
"dateReserved": "2019-03-20T00:00:00",
"dateUpdated": "2024-08-05T03:07:18.378Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-58442 (GCVE-0-2025-58442)
Vulnerability from cvelistv5 – Published: 2025-09-09 19:46 – Updated: 2025-09-10 13:50
VLAI?
Title
Saleor has user enumeration vulnerability due to different error messages
Summary
Saleor is an e-commerce platform. Starting in version 3.21.0 and prior to version 3.21.16, requesting certain fields in the response of `accountRegister` may result in errors that could unintentionally reveal whether a user with the provided email already exists in Saleor. Version 3.21.16 fixes the issue. As a workaround, rate-limit the mutation to reduce the impact.
Severity ?
5.3 (Medium)
CWE
- CWE-204 - Observable Response Discrepancy
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-58442",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-10T13:50:34.635633Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-10T13:50:40.777Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "saleor",
"vendor": "saleor",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.21.0, \u003c 3.21.16"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Saleor is an e-commerce platform. Starting in version 3.21.0 and prior to version 3.21.16, requesting certain fields in the response of `accountRegister` may result in errors that could unintentionally reveal whether a user with the provided email already exists in Saleor. Version 3.21.16 fixes the issue. As a workaround, rate-limit the mutation to reduce the impact."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-204",
"description": "CWE-204: Observable Response Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T19:46:45.798Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-8w67-mfm5-fwx5",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-8w67-mfm5-fwx5"
},
{
"name": "https://github.com/saleor/saleor/commit/09d671e91ea53a44352d5f685083dc05a2f55e95",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/09d671e91ea53a44352d5f685083dc05a2f55e95"
},
{
"name": "https://github.com/saleor/saleor/commit/b35783838e51cfc118e07d632f64b01bc3a2c4bb",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/b35783838e51cfc118e07d632f64b01bc3a2c4bb"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.21.16",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.21.16"
}
],
"source": {
"advisory": "GHSA-8w67-mfm5-fwx5",
"discovery": "UNKNOWN"
},
"title": "Saleor has user enumeration vulnerability due to different error messages"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-58442",
"datePublished": "2025-09-09T19:46:45.798Z",
"dateReserved": "2025-09-01T20:03:06.532Z",
"dateUpdated": "2025-09-10T13:50:40.777Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-31205 (GCVE-0-2024-31205)
Vulnerability from cvelistv5 – Published: 2024-04-08 14:26 – Updated: 2024-08-02 01:46
VLAI?
Title
Saleor CSRF bypass in refreshToken mutation
Summary
Saleor is an e-commerce platform. Starting in version 3.10.0 and prior to versions 3.14.64, 3.15.39, 3.16.39, 3.17.35, 3.18.31, and 3.19.19, an attacker may bypass cross-set request forgery (CSRF) validation when calling refresh token mutation with empty string. When a user provides an empty string in `refreshToken` mutation, while the token persists in `JWT_REFRESH_TOKEN_COOKIE_NAME` cookie, application omits validation against CSRF token and returns valid access token. Versions 3.14.64, 3.15.39, 3.16.39, 3.17.35, 3.18.31, and 3.19.19 contain a patch for the issue. As a workaround, one may replace `saleor.graphql.account.mutations.authentication.refresh_token.py.get_refresh_token`. This will fix the issue, but be aware, that it returns `JWT_MISSING_TOKEN` instead of `JWT_INVALID_TOKEN`.
Severity ?
4.2 (Medium)
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-31205",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-09T15:46:25.741486Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:37:18.826Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:46:04.600Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-ff69-fwjf-3c9w",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-ff69-fwjf-3c9w"
},
{
"name": "https://github.com/saleor/saleor/commit/36699c6f5c99590d24f46e3d5c5b1a3c2fd072e7",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/36699c6f5c99590d24f46e3d5c5b1a3c2fd072e7"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "saleor",
"vendor": "saleor",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.10.0, \u003c 3.14.64"
},
{
"status": "affected",
"version": "\u003e= 3.15.0, \u003c 3.15.39"
},
{
"status": "affected",
"version": "\u003e= 3.16.0, \u003c 3.16.39"
},
{
"status": "affected",
"version": "\u003e= 3.17.0, \u003c 3.17.35"
},
{
"status": "affected",
"version": "\u003e= 3.18.0, \u003c 3.18.31"
},
{
"status": "affected",
"version": "\u003e= 3.19.0, \u003c 3.19.19"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Saleor is an e-commerce platform. Starting in version 3.10.0 and prior to versions 3.14.64, 3.15.39, 3.16.39, 3.17.35, 3.18.31, and 3.19.19, an attacker may bypass cross-set request forgery (CSRF) validation when calling refresh token mutation with empty string. When a user provides an empty string in `refreshToken` mutation, while the token persists in `JWT_REFRESH_TOKEN_COOKIE_NAME` cookie, application omits validation against CSRF token and returns valid access token. Versions 3.14.64, 3.15.39, 3.16.39, 3.17.35, 3.18.31, and 3.19.19 contain a patch for the issue. As a workaround, one may replace `saleor.graphql.account.mutations.authentication.refresh_token.py.get_refresh_token`. This will fix the issue, but be aware, that it returns `JWT_MISSING_TOKEN` instead of `JWT_INVALID_TOKEN`.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352: Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-08T14:26:30.971Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-ff69-fwjf-3c9w",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-ff69-fwjf-3c9w"
},
{
"name": "https://github.com/saleor/saleor/commit/36699c6f5c99590d24f46e3d5c5b1a3c2fd072e7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/36699c6f5c99590d24f46e3d5c5b1a3c2fd072e7"
}
],
"source": {
"advisory": "GHSA-ff69-fwjf-3c9w",
"discovery": "UNKNOWN"
},
"title": "Saleor CSRF bypass in refreshToken mutation"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-31205",
"datePublished": "2024-04-08T14:26:30.971Z",
"dateReserved": "2024-03-29T14:16:31.899Z",
"dateUpdated": "2024-08-02T01:46:04.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-29888 (GCVE-0-2024-29888)
Vulnerability from cvelistv5 – Published: 2024-03-27 18:53 – Updated: 2024-08-02 01:17
VLAI?
Title
Saleor vulnerable to customers addresses leak when using Warehouse as a `Pickup: Local stock only` delivery method
Summary
Saleor is an e-commerce platform that serves high-volume companies. When using `Pickup: Local stock only` click-and-collect as a delivery method in specific conditions the customer could overwrite the warehouse address with its own, which exposes its address as click-and-collect address. This issue has been patched in versions: `3.14.61`, `3.15.37`, `3.16.34`, `3.17.32`, `3.18.28`, `3.19.15`.
Severity ?
4.2 (Medium)
CWE
- CWE-359 - Exposure of Private Personal Information to an Unauthorized Actor
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29888",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-27T19:54:53.329148Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:21:18.651Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:17:58.440Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-mrj3-f2h4-7w45",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-mrj3-f2h4-7w45"
},
{
"name": "https://github.com/saleor/saleor/pull/15694",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/pull/15694"
},
{
"name": "https://github.com/saleor/saleor/pull/15697",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/pull/15697"
},
{
"name": "https://github.com/saleor/saleor/commit/22a1aa3ef0bc54156405f69146788016a7f3f761",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/22a1aa3ef0bc54156405f69146788016a7f3f761"
},
{
"name": "https://github.com/saleor/saleor/commit/39abb0f4e4fe6503f81bfbb871227e4f70bcdd5c",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/39abb0f4e4fe6503f81bfbb871227e4f70bcdd5c"
},
{
"name": "https://github.com/saleor/saleor/commit/47cedfd7d6524d79bdb04708edcdbb235874de6b",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/47cedfd7d6524d79bdb04708edcdbb235874de6b"
},
{
"name": "https://github.com/saleor/saleor/commit/997f7ea4f576543ec88679a86bfe1b14f7f2ff26",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/997f7ea4f576543ec88679a86bfe1b14f7f2ff26"
},
{
"name": "https://github.com/saleor/saleor/commit/b7cecda8b603f7472790150bb4508c7b655946d4",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/b7cecda8b603f7472790150bb4508c7b655946d4"
},
{
"name": "https://github.com/saleor/saleor/commit/d8ba545c16ad3153febc5b5be8fd2ef75da9fc95",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/d8ba545c16ad3153febc5b5be8fd2ef75da9fc95"
},
{
"name": "https://github.com/saleor/saleor/commit/dccc2c842b4e2e09470929c80f07dc137e439182",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/dccc2c842b4e2e09470929c80f07dc137e439182"
},
{
"name": "https://github.com/saleor/saleor/commit/ef003c76a304c89ddb2dc65b7f1d5b3b2ba1c640",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/ef003c76a304c89ddb2dc65b7f1d5b3b2ba1c640"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "saleor",
"vendor": "saleor",
"versions": [
{
"status": "affected",
"version": "\u003e= 3.14.56, \u003c 3.14.61"
},
{
"status": "affected",
"version": "\u003e= 3.15.31, \u003c 3.15.37"
},
{
"status": "affected",
"version": "\u003e= 3.16.27, \u003c 3.16.34"
},
{
"status": "affected",
"version": "\u003e= 3.17.25, \u003c 3.17.32"
},
{
"status": "affected",
"version": "\u003e= 3.18.19, \u003c 3.18.28"
},
{
"status": "affected",
"version": "\u003e= 3.19.5, \u003c 3.19.15"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Saleor is an e-commerce platform that serves high-volume companies. When using `Pickup: Local stock only` click-and-collect as a delivery method in specific conditions the customer could overwrite the warehouse address with its own, which exposes its address as click-and-collect address. This issue has been patched in versions: `3.14.61`, `3.15.37`, `3.16.34`, `3.17.32`, `3.18.28`, `3.19.15`."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-359",
"description": "CWE-359: Exposure of Private Personal Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-27T18:53:44.698Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-mrj3-f2h4-7w45",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-mrj3-f2h4-7w45"
},
{
"name": "https://github.com/saleor/saleor/pull/15694",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/pull/15694"
},
{
"name": "https://github.com/saleor/saleor/pull/15697",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/pull/15697"
},
{
"name": "https://github.com/saleor/saleor/commit/22a1aa3ef0bc54156405f69146788016a7f3f761",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/22a1aa3ef0bc54156405f69146788016a7f3f761"
},
{
"name": "https://github.com/saleor/saleor/commit/39abb0f4e4fe6503f81bfbb871227e4f70bcdd5c",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/39abb0f4e4fe6503f81bfbb871227e4f70bcdd5c"
},
{
"name": "https://github.com/saleor/saleor/commit/47cedfd7d6524d79bdb04708edcdbb235874de6b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/47cedfd7d6524d79bdb04708edcdbb235874de6b"
},
{
"name": "https://github.com/saleor/saleor/commit/997f7ea4f576543ec88679a86bfe1b14f7f2ff26",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/997f7ea4f576543ec88679a86bfe1b14f7f2ff26"
},
{
"name": "https://github.com/saleor/saleor/commit/b7cecda8b603f7472790150bb4508c7b655946d4",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/b7cecda8b603f7472790150bb4508c7b655946d4"
},
{
"name": "https://github.com/saleor/saleor/commit/d8ba545c16ad3153febc5b5be8fd2ef75da9fc95",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/d8ba545c16ad3153febc5b5be8fd2ef75da9fc95"
},
{
"name": "https://github.com/saleor/saleor/commit/dccc2c842b4e2e09470929c80f07dc137e439182",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/dccc2c842b4e2e09470929c80f07dc137e439182"
},
{
"name": "https://github.com/saleor/saleor/commit/ef003c76a304c89ddb2dc65b7f1d5b3b2ba1c640",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/ef003c76a304c89ddb2dc65b7f1d5b3b2ba1c640"
}
],
"source": {
"advisory": "GHSA-mrj3-f2h4-7w45",
"discovery": "UNKNOWN"
},
"title": "Saleor vulnerable to customers addresses leak when using Warehouse as a `Pickup: Local stock only` delivery method"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-29888",
"datePublished": "2024-03-27T18:53:44.698Z",
"dateReserved": "2024-03-21T15:12:08.997Z",
"dateUpdated": "2024-08-02T01:17:58.440Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32694 (GCVE-0-2023-32694)
Vulnerability from cvelistv5 – Published: 2023-05-25 14:29 – Updated: 2025-01-16 19:21
VLAI?
Title
Non-constant time HMAC comparison in Adyen plugin in Saleor
Summary
Saleor Core is a composable, headless commerce API. Saleor's `validate_hmac_signature` function is vulnerable to timing attacks. Malicious users could abuse this vulnerability on Saleor deployments having the Adyen plugin enabled in order to determine the secret key and forge fake events, this could affect the database integrity such as marking an order as paid when it is not. This issue has been patched in versions 3.7.68, 3.8.40, 3.9.49, 3.10.36, 3.11.35, 3.12.25, and 3.13.16.
Severity ?
4.8 (Medium)
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T15:25:36.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-3rqj-9v87-2x3f",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-3rqj-9v87-2x3f"
},
{
"name": "https://github.com/saleor/saleor/commit/1328274e1a3d04ab87d7daee90229ff47b3bc35e",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/1328274e1a3d04ab87d7daee90229ff47b3bc35e"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32694",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-16T19:21:44.207892Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-16T19:21:54.740Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "saleor",
"vendor": "saleor",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.11.0, \u003c 3.7.68"
},
{
"status": "affected",
"version": "\u003e= 3.8.0, \u003c 3.8.40"
},
{
"status": "affected",
"version": "\u003e= 3.9.0, \u003c 3.9.49"
},
{
"status": "affected",
"version": "\u003e= 3.10.0, \u003c 3.10.36"
},
{
"status": "affected",
"version": "\u003e= 3.11.0, \u003c 3.11.35"
},
{
"status": "affected",
"version": "\u003e= 3.12.0, \u003c 3.12.25"
},
{
"status": "affected",
"version": "\u003e= 3.13.0, \u003c 3.13.16"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Saleor Core is a composable, headless commerce API. Saleor\u0027s `validate_hmac_signature` function is vulnerable to timing attacks. Malicious users could abuse this vulnerability on Saleor deployments having the Adyen plugin enabled in order to determine the secret key and forge fake events, this could affect the database integrity such as marking an order as paid when it is not. This issue has been patched in versions 3.7.68, 3.8.40, 3.9.49, 3.10.36, 3.11.35, 3.12.25, and 3.13.16."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203: Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-208",
"description": "CWE-208: Observable Timing Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-25T14:29:10.217Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-3rqj-9v87-2x3f",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-3rqj-9v87-2x3f"
},
{
"name": "https://github.com/saleor/saleor/commit/1328274e1a3d04ab87d7daee90229ff47b3bc35e",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/1328274e1a3d04ab87d7daee90229ff47b3bc35e"
}
],
"source": {
"advisory": "GHSA-3rqj-9v87-2x3f",
"discovery": "UNKNOWN"
},
"title": "Non-constant time HMAC comparison in Adyen plugin in Saleor"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-32694",
"datePublished": "2023-05-25T14:29:10.217Z",
"dateReserved": "2023-05-11T16:33:45.733Z",
"dateUpdated": "2025-01-16T19:21:54.740Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26052 (GCVE-0-2023-26052)
Vulnerability from cvelistv5 – Published: 2023-03-02 18:54 – Updated: 2025-03-05 16:10
VLAI?
Title
Saleor is vulnerable to unauthenticated information disclosure via Python exceptions
Summary
Saleor is a headless, GraphQL commerce platform delivering personalized shopping experiences. Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like infrastructure details in unauthenticated requests. This issue has been patched in versions 3.1.48, 3.7.59, 3.8.0, 3.9.27, 3.10.14 and 3.11.12.
Severity ?
CWE
- CWE-209 - Generation of Error Message Containing Sensitive Information
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:06.560Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-3hvj-3cg9-v242",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-3hvj-3cg9-v242"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.1.48",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.1.48"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.10.14",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.10.14"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.11.12",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.11.12"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.7.59",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.7.59"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.8.30",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.8.30"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.9.27",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.9.27"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26052",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T16:10:39.389638Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T16:10:59.226Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "saleor",
"vendor": "saleor",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.0.0, \u003c 3.1.48"
},
{
"status": "affected",
"version": "\u003e= 3.11.0, \u003c 3.11.12"
},
{
"status": "affected",
"version": "\u003e= 3.10.0, \u003c 3.10.14"
},
{
"status": "affected",
"version": "\u003e= 3.9.0, \u003c 3.9.27"
},
{
"status": "affected",
"version": "\u003e= 3.8.0, \u003c 3.8.30"
},
{
"status": "affected",
"version": "\u003e= 3.7.0, \u003c 3.7.59"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Saleor is a headless, GraphQL commerce platform delivering personalized shopping experiences. Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like infrastructure details in unauthenticated requests. This issue has been patched in versions 3.1.48, 3.7.59, 3.8.0, 3.9.27, 3.10.14 and 3.11.12. "
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "CWE-209: Generation of Error Message Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-02T18:54:33.030Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-3hvj-3cg9-v242",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-3hvj-3cg9-v242"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.1.48",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.1.48"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.10.14",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.10.14"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.11.12",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.11.12"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.7.59",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.7.59"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.8.30",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.8.30"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.9.27",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.9.27"
}
],
"source": {
"advisory": "GHSA-3hvj-3cg9-v242",
"discovery": "UNKNOWN"
},
"title": "Saleor is vulnerable to unauthenticated information disclosure via Python exceptions"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-26052",
"datePublished": "2023-03-02T18:54:33.030Z",
"dateReserved": "2023-02-17T22:44:03.150Z",
"dateUpdated": "2025-03-05T16:10:59.226Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26051 (GCVE-0-2023-26051)
Vulnerability from cvelistv5 – Published: 2023-03-02 18:29 – Updated: 2025-03-05 20:41
VLAI?
Title
Saleor is vulnerable to staff-authenticated error message information disclosure vulnerability via Python exceptions
Summary
Saleor is a headless, GraphQL commerce platform delivering personalized shopping experiences. Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like user email address in staff-authenticated requests.
Severity ?
6.5 (Medium)
CWE
- CWE-209 - Generation of Error Message Containing Sensitive Information
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:39:06.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-r8qr-wwg3-2r85",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-r8qr-wwg3-2r85"
},
{
"name": "https://github.com/saleor/saleor/commit/31bce881ccccf0d79a9b14ecb6ca3138d1edeec1",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/31bce881ccccf0d79a9b14ecb6ca3138d1edeec1"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.1.48",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.1.48"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.10.14",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.10.14"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.11.12",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.11.12"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.7.59",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.7.59"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.8.30",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.8.30"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.9.27",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.9.27"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26051",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T20:41:09.751361Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T20:41:26.937Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "saleor",
"vendor": "saleor",
"versions": [
{
"status": "affected",
"version": " \u003e= 2.0.0, \u003c 3.1.48"
},
{
"status": "affected",
"version": "\u003e= 3.11.0, \u003c 3.11.12"
},
{
"status": "affected",
"version": "\u003e= 3.10.0, \u003c 3.10.14"
},
{
"status": "affected",
"version": "\u003e= 3.9.0, \u003c 3.9.27"
},
{
"status": "affected",
"version": "\u003e= 3.8.0, \u003c 3.8.30"
},
{
"status": "affected",
"version": "\u003e= 3.7.0, \u003c 3.7.59"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Saleor is a headless, GraphQL commerce platform delivering personalized shopping experiences. Some internal Python exceptions are not handled properly and thus are returned in API as error messages. Some messages might contain sensitive information like user email address in staff-authenticated requests.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "CWE-209: Generation of Error Message Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-02T18:29:48.611Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/saleor/saleor/security/advisories/GHSA-r8qr-wwg3-2r85",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-r8qr-wwg3-2r85"
},
{
"name": "https://github.com/saleor/saleor/commit/31bce881ccccf0d79a9b14ecb6ca3138d1edeec1",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/commit/31bce881ccccf0d79a9b14ecb6ca3138d1edeec1"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.1.48",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.1.48"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.10.14",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.10.14"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.11.12",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.11.12"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.7.59",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.7.59"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.8.30",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.8.30"
},
{
"name": "https://github.com/saleor/saleor/releases/tag/3.9.27",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/saleor/saleor/releases/tag/3.9.27"
}
],
"source": {
"advisory": "GHSA-r8qr-wwg3-2r85",
"discovery": "UNKNOWN"
},
"title": "Saleor is vulnerable to staff-authenticated error message information disclosure vulnerability via Python exceptions"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-26051",
"datePublished": "2023-03-02T18:29:48.611Z",
"dateReserved": "2023-02-17T22:44:03.150Z",
"dateUpdated": "2025-03-05T20:41:26.937Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-39275 (GCVE-0-2022-39275)
Vulnerability from cvelistv5 – Published: 2022-10-06 00:00 – Updated: 2025-04-23 16:52
VLAI?
Title
Improper object type validation in saleor
Summary
Saleor is a headless, GraphQL commerce platform. In affected versions some GraphQL mutations were not properly checking the ID type input which allowed to access database objects that the authenticated user may not be allowed to access. This vulnerability can be used to expose the following information: Estimating database row counts from tables with a sequential primary key or Exposing staff user and customer email addresses and full name through the `assignNavigation()` mutation. This issue has been patched in main and backported to multiple releases (3.7.17, 3.6.18, 3.5.23, 3.4.24, 3.3.26, 3.2.14, 3.1.24). Users are advised to upgrade. There are no known workarounds for this issue.
Severity ?
5.3 (Medium)
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:00:43.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-xhq8-8c5v-w8ff"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/96e04c092ddcac17b14f2e31554aa02d9006d0ce"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-39275",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T15:50:19.505713Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:52:27.439Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "saleor",
"vendor": "saleor",
"versions": [
{
"status": "affected",
"version": "\u003e= 2.0.0, \u003c 3.1.24"
},
{
"status": "affected",
"version": "\u003e= 3.2.0, \u003c 3.2.14"
},
{
"status": "affected",
"version": "\u003e= 3.3.0, \u003c 3.3.26"
},
{
"status": "affected",
"version": "\u003e= 3.4.0, \u003c 3.4.24"
},
{
"status": "affected",
"version": "\u003e= 3.5.0, \u003c 3.5.23"
},
{
"status": "affected",
"version": "\u003e= 3.6.0, \u003c 3.6.18"
},
{
"status": "affected",
"version": "\u003e= 3.7.0, \u003c 3.7.17"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Saleor is a headless, GraphQL commerce platform. In affected versions some GraphQL mutations were not properly checking the ID type input which allowed to access database objects that the authenticated user may not be allowed to access. This vulnerability can be used to expose the following information: Estimating database row counts from tables with a sequential primary key or Exposing staff user and customer email addresses and full name through the `assignNavigation()` mutation. This issue has been patched in main and backported to multiple releases (3.7.17, 3.6.18, 3.5.23, 3.4.24, 3.3.26, 3.2.14, 3.1.24). Users are advised to upgrade. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863: Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-11T00:00:00.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "https://github.com/saleor/saleor/security/advisories/GHSA-xhq8-8c5v-w8ff"
},
{
"url": "https://github.com/saleor/saleor/commit/96e04c092ddcac17b14f2e31554aa02d9006d0ce"
}
],
"source": {
"advisory": "GHSA-xhq8-8c5v-w8ff",
"discovery": "UNKNOWN"
},
"title": "Improper object type validation in saleor"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-39275",
"datePublished": "2022-10-06T00:00:00.000Z",
"dateReserved": "2022-09-02T00:00:00.000Z",
"dateUpdated": "2025-04-23T16:52:27.439Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-0932 (GCVE-0-2022-0932)
Vulnerability from cvelistv5 – Published: 2022-03-11 00:00 – Updated: 2024-08-02 23:47
VLAI?
Title
Missing Authorization in saleor/saleor
Summary
Missing Authorization in GitHub repository saleor/saleor prior to 3.1.2.
Severity ?
6.5 (Medium)
CWE
- CWE-862 - Missing Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| saleor | saleor/saleor |
Affected:
unspecified , < 3.1.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:47:42.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/88ae4cbc-c697-401b-8b04-7dc4e03ad8eb"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/saleor/saleor/commit/521dfd6394f3926a77c60d8633c058e16d0f916d"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "saleor/saleor",
"vendor": "saleor",
"versions": [
{
"lessThan": "3.1.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Missing Authorization in GitHub repository saleor/saleor prior to 3.1.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-29T00:00:00",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/88ae4cbc-c697-401b-8b04-7dc4e03ad8eb"
},
{
"url": "https://github.com/saleor/saleor/commit/521dfd6394f3926a77c60d8633c058e16d0f916d"
}
],
"source": {
"advisory": "88ae4cbc-c697-401b-8b04-7dc4e03ad8eb",
"discovery": "EXTERNAL"
},
"title": "Missing Authorization in saleor/saleor"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-0932",
"datePublished": "2022-03-11T00:00:00",
"dateReserved": "2022-03-11T00:00:00",
"dateUpdated": "2024-08-02T23:47:42.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-1010304 (GCVE-0-2019-1010304)
Vulnerability from cvelistv5 – Published: 2019-07-15 14:45 – Updated: 2024-08-05 03:07
VLAI?
Summary
Saleor Issue was introduced by merge commit: e1b01bad0703afd08d297ed3f1f472248312cc9c. This commit was released as part of 2.0.0 release is affected by: Incorrect Access Control. The impact is: Important. The component is: ProductVariant type in GraphQL API. The attack vector is: Unauthenticated user can access the GraphQL API (which is by default publicly exposed under `/graphql/` URL) and fetch products data which may include admin-restricted shop's revenue data. The fixed version is: 2.3.1.
Severity ?
No CVSS data available.
CWE
- Incorrect Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:07:18.378Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/mirumee/saleor/issues/3768"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Saleor",
"vendor": "Saleor",
"versions": [
{
"status": "affected",
"version": "Issue was introduced by merge commit: e1b01bad0703afd08d297ed3f1f472248312cc9c. This commit was released as part of 2.0.0 release [fixed: 2.3.1]"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Saleor Issue was introduced by merge commit: e1b01bad0703afd08d297ed3f1f472248312cc9c. This commit was released as part of 2.0.0 release is affected by: Incorrect Access Control. The impact is: Important. The component is: ProductVariant type in GraphQL API. The attack vector is: Unauthenticated user can access the GraphQL API (which is by default publicly exposed under `/graphql/` URL) and fetch products data which may include admin-restricted shop\u0027s revenue data. The fixed version is: 2.3.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Incorrect Access Control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-15T14:45:39",
"orgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"shortName": "dwf"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/mirumee/saleor/issues/3768"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-assign@distributedweaknessfiling.org",
"ID": "CVE-2019-1010304",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Saleor",
"version": {
"version_data": [
{
"version_value": "Issue was introduced by merge commit: e1b01bad0703afd08d297ed3f1f472248312cc9c. This commit was released as part of 2.0.0 release [fixed: 2.3.1]"
}
]
}
}
]
},
"vendor_name": "Saleor"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Saleor Issue was introduced by merge commit: e1b01bad0703afd08d297ed3f1f472248312cc9c. This commit was released as part of 2.0.0 release is affected by: Incorrect Access Control. The impact is: Important. The component is: ProductVariant type in GraphQL API. The attack vector is: Unauthenticated user can access the GraphQL API (which is by default publicly exposed under `/graphql/` URL) and fetch products data which may include admin-restricted shop\u0027s revenue data. The fixed version is: 2.3.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/mirumee/saleor/issues/3768",
"refsource": "MISC",
"url": "https://github.com/mirumee/saleor/issues/3768"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7556d962-6fb7-411e-85fa-6cd62f095ba8",
"assignerShortName": "dwf",
"cveId": "CVE-2019-1010304",
"datePublished": "2019-07-15T14:45:39",
"dateReserved": "2019-03-20T00:00:00",
"dateUpdated": "2024-08-05T03:07:18.378Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}