E-Commerce

spree/spree

Open-source headless eCommerce platform with REST API, TypeScript SDK, and Next.js storefront for cross-border, B2B or marketplace eCommerce.

#ecommerce#e-commerce#ecommerce-platform#spree-commerce#marketplace#multi-tenant#multi-vendor#multi-vendor-ecommerce#ecommerce-api#ecommerce-framework#open-source#headless#headless-commerce#headless-ecommerce#b2b-commerce

スコア

/ 100

Star

15,420

Fork

5,256

Open Issue

サイズ

268MB

言語

Ruby

最終push

0 日前

Docker

🐳 compose ★

採点内訳

過去CVE 6件 (適量)

✓

直近 push: 0 日前

✓

得意言語 (Ruby)

—

オープンissue 72件

—

大規模 (268MB)

—

Docker 対応 (compose)

✓

10k–50k: 中級 (★15,420)

—

※ 各項目の重みは「採点ルール」を参照。合計は 0 で底打ち。

過去の SecurityAdvisory (6 件)

HIGHGHSA-87fh-rc96-6fr6 CVE-2026-257582026/2/5
Unauthenticated users can access all guest addresses
HIGHGHSA-p6pv-q7rc-g4h9 CVE-2026-257572026/2/5
Unauthenticated users can view completed guest orders by Order ID
HIGHGHSA-3ghg-3787-w2xr CVE-2026-225892026/1/8
Unauthenticated IDOR - Guest Address
MEDIUMGHSA-g268-72p7-9j6j CVE-2026-225882026/1/8
Authenticated Insecure Direct Object Reference (IDOR) via Order Modification
HIGHGHSA-m2jr-hmc3-qmpr CVE-2020-262232020/11/12
Passing an empty string '' as the token allows to query any complete order without knowing it's token
HIGHGHSA-f8cm-364f-q9qh CVE-2020-152692020/10/20
Ensure that doorkeeper_token is valid when authenticating requests in API v2 calls