vaadin Flow Server Vulnerabilities
Vaadin Flow-server vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Possible information disclosure in non visible components
CVE-2023-25499VaadinVaadin5.7MEDIUMInformation Disclosure Vulnerability in Vaadin Products by Vaadin
CVE-2023-25500VaadinVaadin3.5LOWPossible route enumeration in production mode via RouteNotFoundError view in Vaadin 10, 11-14, and 15-19
CVE-2021-31412VaadinVaadin5.3MEDIUMReflected cross-site scripting in development mode handler in Vaadin 14, 15-19
CVE-2021-33604VaadinVaadin2.5LOWInsecure temporary directory usage in frontend build functionality of Vaadin 14 and 15-19
CVE-2021-31411VaadinVaadin6.3MEDIUMUnauthorized client-side property update in UIDL request handler in Vaadin 10 and 11
CVE-2018-25007VaadinVaadin2.6LOWReflected cross-site scripting in default RouteNotFoundError view in Vaadin 10 and 11-13
CVE-2019-25027VaadinVaadin6.1MEDIUMPotential sensitive data exposure in applications using Vaadin 15
CVE-2020-36319VaadinVaadin3.1LOWDirectory traversal in development mode handler in Vaadin 14 and 15-17
CVE-2020-36321VaadinVaadin5.9MEDIUMTiming side channel vulnerability in UIDL request handler in Vaadin 10, 11-14, and 15-18
CVE-2021-31404VaadinVaadin4MEDIUMTiming side channel vulnerability in endpoint request handler in Vaadin 15-19
CVE-2021-31406VaadinVaadin4MEDIUMServer classes and resources exposure in OSGi applications using Vaadin 12-14 and 19
CVE-2021-31407VaadinVaadin8.6HIGH