Vulnerabilities > CVE-2020-36319 - Exposure of Resource to Wrong Sphere vulnerability in Vaadin Flow and Vaadin
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
Insecure configuration of default ObjectMapper in com.vaadin:flow-server versions 3.0.0 through 3.0.5 (Vaadin 15.0.0 through 15.0.4) may expose sensitive data if the application also uses e.g. @RestController
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 53 |