E-Commerce

vendurehq/vendure

Open source headless commerce framework built with TypeScript, NestJS, React and GraphQL

#ecommerce#headless#graphql#nodejs#shopping-cart#ecommerce-framework#ecommerce-api#ecommerce-platform#nestjs#headless-commerce#nodejs-ecommerce#graphql-commerce#react

スコア

100

/ 100

Star

8,122

Fork

1,392

Open Issue

199

サイズ

132MB

言語

TypeScript ★

最終push

0 日前

Docker

🐳 compose ★

採点内訳

過去CVE 3件 (適量)

✓

直近 push: 0 日前

✓

得意言語 (TypeScript)

✓

オープンissue 199件

✓

大規模 (132MB)

—

Docker 対応 (compose)

✓

1k–10k: 初心者ベスト (★8,122)

✓

※ 各項目の重みは「採点ルール」を参照。合計は 0 で底打ち。

過去の SecurityAdvisory (6 件)

CRITICALGHSA-9pp3-53p2-ww9v CVE-2026-408872026/4/13
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in @vendure/core
LOWGHSA-6f65-4fv2-wwch CVE-2026-250502026/1/30
Timing attack enables user enumeration in NativeAuthenticationStrategy
CRITICALGHSA-r9mq-3c9r-fmjq CVE-2024-489142024/10/15
Local file read vulnerability with AssetServerPlugin & LocalAssetStorageStrategy
MEDIUMGHSA-wm63-7627-ch332023/11/17
Insecure currencyCode handling allows wrong payment amounts
LOWGHSA-h9wq-xcqx-mqxm2023/7/11
CSRF impacting all API requests
MEDIUMGHSA-gm68-572p-q28r2023/7/4
Authenticated XSS in admin-ui description