Com.vaadin:vaadin-bom
This hub aggregates every CVE we track for Com.vaadin:vaadin-bom, a product in the oss libraries space. Use it to gauge the current risk picture and drill into individual advisories.
9
CVEs tracked
0
Critical
2
High
0
In CISA KEV
Severity distribution
MEDIUM6HIGH2LOW1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 9 most recently published vulnerabilities affecting Com.vaadin:vaadin-bom.
- CVE-2021-33611Reflected cross-site scripting in vaadin-menu-bar webjar resources in Vaadin 146.1
- CVE-2021-31412Possible route enumeration in production mode via RouteNotFoundError view in Vaadin 10, 11-14, and 15-195.3
- CVE-2021-33604Reflected cross-site scripting in development mode handler in Vaadin 14, 15-192.5
- CVE-2021-31411Insecure temporary directory usage in frontend build functionality of Vaadin 14 and 15-196.3
- CVE-2021-31408Server session is not invalidated when logout() helper method of Authentication module is used in Vaadin 18-196.3
- CVE-2021-31405Regular expression denial of service (ReDoS) in EmailField component in Vaadin 14 and 15-177.5
- CVE-2021-31403Timing side channel vulnerability in UIDL request handler in Vaadin 7 and 84.0
- CVE-2020-36320Regular expression Denial of Service (ReDoS) in EmailValidator class in Vaadin 77.5
- CVE-2019-25028Stored cross-site scripting in Grid component in Vaadin 7 and 85.4
Product normalization is registry-driven with AI assist and human review. How it works