E-Commerce
saleor/saleor
Saleor Core: the high performance, composable, headless commerce API.
#python #store #commerce #shop #ecommerce #cart #graphql #headless #headless-commerce #multichannel #shopping-cart #composable #oms #pim #checkout #payments #order-management #e-commerce
Score
80
/ 100
Star
22,901
Fork
6,023
Open Issue
186
Size
236MB
Language
Python ★
Last push
1 day ago
Docker
🐳 Dockerfile ★
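Score breakdown
Past CVEs: 14 (somewhat high)
✓Most recent push: 1 day ago
✓Preferred language (Python)
✓Open issues: 186
✓Large-scale (236MB)
—Docker support (Dockerfile)
✓10k–50k: intermediate (★22,901)
—※ See the "Scoring rules" for the weight of each item. The total bottoms out at 0.
Past SecurityAdvisory entries (14)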
- Denial of Service via Unbounded GraphQL Query Batching
- Resource exhaustion vulnerability in GraphQL queries
- Cross-Account Email Change via Unbound Confirmation Token
- User enumeration vulnerability due to different error messages
- Insecure Direct Object Reference (IDOR) in GraphQL API
- Stored XSS via Unrestricted File Uploads
- Lack of proper HTML sanitization in rich text fields
- User enumeration vulnerability in Saleor due to different error messages
- CSRF bypass in refreshToken mutation
- Customers addresses leak when using Warehouse as a `Pickup: Local stock only` delivery method
- Non-constant time HMAC comparison in Adyen plugin
- Staff-Authenticated Error Message Information Disclosure Vulnerability via Python Exceptions
- Unauthenticated Information Disclosure Vulnerability via Python Exceptions
- Improper object type validation in mutations leading to unauthorized access