Maven/com.vaadin:vaadin — 5 CVEs

MEDIUM5.7CVE-2023-25499Vaadin vulnerable to possible information disclosure in non visible components.

>= 10.0.0, < 10.0.23

MEDIUM5.7CVE-2022-29567Possible information disclosure inside TreeGrid component with default data provider

>= 14.8.5, < 14.8.10

LOW3.5CVE-2023-25500Vaadin vulnerable to possible information disclosure of class and method names in RPC response

>= 10.0.0, < 10.0.24

—Vaadin Vulnerable to Authentication Bypass When Accessing the /VAADIN Endpoint Without a Trailing Slash

>= 25.0.0, < 25.0.2

—Vaadin vulnerable to Cross-site Scripting

>= 23.1.0, < 23.6.6

pkg:Maven/com.vaadin:vaadin