Vulnerabilities > Vaadin > Flow > 1.5.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-04-23 | CVE-2021-31407 | Exposure of Resource to Wrong Sphere vulnerability in Vaadin Flow Vulnerability in OSGi integration in com.vaadin:flow-server versions 1.2.0 through 2.4.7 (Vaadin 12.0.0 through 14.4.9), and 6.0.0 through 6.0.1 (Vaadin 19.0.0) allows attacker to access application classes and resources on the server via crafted HTTP request. | 5.0 |