Vaadin Exposure
Web frameworks
Exposure score: 10
Sites using it: 461
Under exploitation: 0
Critical: 0
CVEs
26 results

CVE-2021-31407 | HIGH | Server classes and resources exposure in OSGi applications using Vaadin 12-14 and 19 | EPSS 2.4%
CVE-2020-36320 | HIGH | Regular expression Denial of Service (ReDoS) in EmailValidator class in Vaadin 7 | EPSS 2.0%
CVE-2021-31409 | HIGH | Server session is not invalidated when logout() helper method of Authentication module is used in Vaadin 18-19 | EPSS 1.7%
CVE-2021-31412 | MEDIUM | Possible route enumeration in production mode via RouteNotFoundError view in Vaadin 10, 11-14, and 15-19 | EPSS 1.3%
CVE-2020-36321 | MEDIUM | Directory traversal in development mode handler in Vaadin 14 and 15-17 | EPSS 1.2%
CVE-2021-31405 | HIGH | Regular expression denial of service (ReDoS) in EmailField component in Vaadin 14 and 15-17 | EPSS 1.1%
CVE-2020-36319 | LOW | Potential sensitive data exposure in applications using Vaadin 15 | EPSS 1.0%
CVE-2021-33611 | MEDIUM | Reflected cross-site scripting in vaadin-menu-bar webjar resources in Vaadin 14 | EPSS 1.0%
CVE-2019-25028 | MEDIUM | Stored cross-site scripting in Grid component in Vaadin 7 and 8 | EPSS 0.9%
CVE-2022-29567 | MEDIUM | Possible information disclosure inside TreeGrid component with default data provider | EPSS 0.9%
CVE-2021-33609 | MEDIUM | Denial of service in DataCommunicator class in Vaadin 8 | EPSS 0.9%
CVE-2019-25027 | MEDIUM | Reflected cross-site scripting in default RouteNotFoundError view in Vaadin 10 and 11-13 | EPSS 0.7%
CVE-2021-33605 | MEDIUM | Unauthorized property update in CheckboxGroup component in Vaadin 12-14 and 15-20 | EPSS 0.6%
CVE-2023-25499 | MEDIUM | Possible information disclosure in non visible components | EPSS 0.6%
CVE-2018-25007 | LOW | Unauthorized client-side property update in UIDL request handler in Vaadin 10 and 11 | EPSS 0.6%
CVE-2023-25500 | LOW | Possible information disclosure in Vaadin 10.0.0 to 10.0.23, 11.0.0 to 14.10.1, 15.0.0 to 22.0.28, 23.0.0 to 23.3.13, 24.0.0 to 24.0.6, 24.1 | EPSS 0.5%
CVE-2026-2742 | MEDIUM | Unauthorized session creation via reserved framework path access | EPSS 0.4%
CVE-2025-9467 | MEDIUM | Possibility to bypass file upload validation on the server-side | EPSS 0.4%
CVE-2026-2741 | LOW | Zip Slip Path Traversal on Node Unpack | EPSS 0.3%
CVE-2025-15022 | MEDIUM | Cross-site scripting in Action caption | EPSS 0.3%