| CVE-2021-33611 |
unknown |
— |
— |
|
|
|
5y ago |
Reflected cross-site scripting in vaadin-menu-bar webjar resources in Vaadin 14 |
| CVE-2021-33604 |
unknown |
— |
— |
|
|
|
5y ago |
Reflected cross-site scripting in development mode handler in Vaadin 14, 15-19 |
| CVE-2021-31412 |
unknown |
— |
— |
|
|
|
5y ago |
Possible route enumeration in production mode via RouteNotFoundError view in Vaadin 10, 11-14, and 15-19 |
| CVE-2021-31411 |
unknown |
— |
— |
|
|
|
5y ago |
Insecure temporary directory usage in frontend build functionality of Vaadin 14 and 15-19 |
| CVE-2021-31408 |
unknown |
— |
— |
|
|
|
5y ago |
Server session is not invalidated when logout() helper method of Authentication module is used in Vaadin 18-19 |
| CVE-2021-31403 |
unknown |
— |
— |
|
|
|
5y ago |
Timing side channel vulnerability in UIDL request handler in Vaadin 7 and 8 |
| CVE-2019-25028 |
unknown |
— |
— |
|
|
|
5y ago |
Stored cross-site scripting in Grid component in Vaadin 7 and 8 |
| CVE-2020-36320 |
unknown |
— |
— |
|
|
|
5y ago |
Regular expression denial of service (ReDoS) in EmailValidator class in Vaadin 7 |
| CVE-2021-31405 |
unknown |
— |
— |
|
|
|
5y ago |
Regular expression denial of service (ReDoS) in EmailField component in Vaadin 14 and 15-17 |