vaadin Summary
Latest vulnerabilities published by vaadin
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Upload Validation Bypass in Vaadin Framework by Vaadin Ltd.
CVE-2025-9467VaadinVaadin5.3MEDIUMPossible information disclosure in non visible components
CVE-2023-25499VaadinVaadin5.7MEDIUMInformation Disclosure Vulnerability in Vaadin Products by Vaadin
CVE-2023-25500VaadinVaadin3.5LOWPossible information disclosure inside TreeGrid component with default data provider
CVE-2022-29567VaadinVaadin5.7MEDIUMReflected cross-site scripting in vaadin-menu-bar webjar resources in Vaadin 14
CVE-2021-33611VaadinVaadin6.1MEDIUMDenial of service in DataCommunicator class in Vaadin 8
CVE-2021-33609VaadinVaadin4.3MEDIUMUnauthorized property update in CheckboxGroup component in Vaadin 12-14 and 15-20
CVE-2021-33605VaadinVaadin4.3MEDIUMPossible route enumeration in production mode via RouteNotFoundError view in Vaadin 10, 11-14, and 15-19
CVE-2021-31412VaadinVaadin5.3MEDIUMReflected cross-site scripting in development mode handler in Vaadin 14, 15-19
CVE-2021-33604VaadinVaadin2.5LOWServer session is not invalidated when logout() helper method of Authentication module is used in Vaadin 18-19
CVE-2021-31409VaadinVaadin7.5HIGHInsecure temporary directory usage in frontend build functionality of Vaadin 14 and 15-19
CVE-2021-31411VaadinVaadin6.3MEDIUMServer session is not invalidated when logout() helper method of Authentication module is used in Vaadin 18-19
CVE-2021-31408VaadinVaadin6.3MEDIUMProject sources exposure in Vaadin Designer
CVE-2021-31410VaadinDesigner8.6HIGHUnauthorized client-side property update in UIDL request handler in Vaadin 10 and 11
CVE-2018-25007VaadinVaadin2.6LOWReflected cross-site scripting in default RouteNotFoundError view in Vaadin 10 and 11-13
CVE-2019-25027VaadinVaadin6.1MEDIUMStored cross-site scripting in Grid component in Vaadin 7 and 8
CVE-2019-25028VaadinVaadin5.4MEDIUMPotential sensitive data exposure in applications using Vaadin 15
CVE-2020-36319VaadinVaadin3.1LOWRegular expression Denial of Service (ReDoS) in EmailValidator class in Vaadin 7
CVE-2020-36320VaadinVaadin7.5HIGHDirectory traversal in development mode handler in Vaadin 14 and 15-17
CVE-2020-36321VaadinVaadin5.9MEDIUMTiming side channel vulnerability in UIDL request handler in Vaadin 7 and 8
CVE-2021-31403VaadinVaadin4MEDIUMTiming side channel vulnerability in UIDL request handler in Vaadin 10, 11-14, and 15-18
CVE-2021-31404VaadinVaadin4MEDIUMRegular expression denial of service (ReDoS) in EmailField component in Vaadin 14 and 15-17
CVE-2021-31405VaadinVaadin7.5HIGHTiming side channel vulnerability in endpoint request handler in Vaadin 15-19
CVE-2021-31406VaadinVaadin4MEDIUMServer classes and resources exposure in OSGi applications using Vaadin 12-14 and 19
CVE-2021-31407VaadinVaadin8.6HIGHCross-site Scripting Vulnerability in Vaadin by Vaadin
CVE-2011-0509VaadinVaadin