Security Advisory

CVE-2021-31407

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-04-23 16:05:41

Last updated 2024-09-16 17:17:43

Assigner Vaadin

State PUBLISHED

Description

Vulnerability in OSGi integration in com.vaadin:flow-server versions 1.2.0 through 2.4.7 (Vaadin 12.0.0 through 14.4.9), and 6.0.0 through 6.0.1 (Vaadin 19.0.0) allows attacker to access application classes and resources on the server via crafted HTTP request.

← Browse all CVEs View on cve.org ↗