spree_backend vulnerabilities

Required dependency for Spree

Latest version: 3.5.0.rc1

View on RubyGems.org

Licenses detected

  • license: Unknown < 3.0.0.rc1, >= 2.0.0.rc1
  • license: BSD-3-Clause < 3.2.0.rc1, >= 3.0.0.rc1,>=3.2.0.rc1
Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications
Vulnerability Vulnerable versions Snyk patch Published
  • M
Cross-site Scripting (XSS)
<1.0.5, >=1.0.0.pre,>=1.1.0.beta1,<1.1.3,>=1.2.0.beta1,<1.2.1 Not available 10 Jan, 2018
  • M
Json Hijacking
<3.0.7 ,>=2.2.0 Not available 10 Jan, 2018