Vulnerabilities > Vaadin

DATE	CVE	VULNERABILITY TITLE	RISK
2021-04-23	CVE-2020-36320	Resource Exhaustion vulnerability in Vaadin Unsafe validation RegEx in EmailValidator class in com.vaadin:vaadin-server versions 7.0.0 through 7.7.21 (Vaadin 7.0.0 through 7.7.21) allows attackers to cause uncontrolled resource consumption by submitting malicious email addresses. network low complexity vaadin CWE-400	5.0
2021-04-23	CVE-2020-36319	Exposure of Resource to Wrong Sphere vulnerability in Vaadin Flow and Vaadin Insecure configuration of default ObjectMapper in com.vaadin:flow-server versions 3.0.0 through 3.0.5 (Vaadin 15.0.0 through 15.0.4) may expose sensitive data if the application also uses e.g. network vaadin CWE-668	3.5
2021-04-23	CVE-2019-25028	Cross-site Scripting vulnerability in Vaadin Missing variable sanitization in Grid component in com.vaadin:vaadin-server versions 7.4.0 through 7.7.19 (Vaadin 7.4.0 through 7.7.19), and 8.0.0 through 8.8.4 (Vaadin 8.0.0 through 8.8.4) allows attacker to inject malicious JavaScript via unspecified vector network vaadin CWE-79	4.3
2011-01-20	CVE-2011-0509	Cross-Site Scripting vulnerability in Vaadin Cross-site scripting (XSS) vulnerability in Vaadin before 6.4.9 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to the index page. network vaadin CWE-79	4.3

Vulnerabilities > Vaadin {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Vaadin"}]}