1. Home
  2. Packages
  3. maven
  4. com.vaadin
  5. vaadin-server

pkg:maven/com.vaadin/vaadin-server

Type maven
Namespace com.vaadin
Name vaadin-server

Known advisories, vulnerabilities and fixes for com.vaadin/vaadin-server package.

Repository
https://mvnrepository.com/artifact/com.vaadin/vaadin-server
High 1
Moderate 4
Type Version Distribution # CVEs # Advisory ID Title Severity Published
Affected >= 7.0.0, < 7.7.22 CVE-2020-36320
maven MAVEN:GHSA-42J4-733X-5VCF Regular expression denial of service (ReDoS) in EmailValidator class in Vaadin 7 high 2021-04-19T14:49:32
(3 years ago)
Fixed = 7.7.22 CVE-2020-36320
maven MAVEN:GHSA-42J4-733X-5VCF Regular expression denial of service (ReDoS) in EmailValidator class in Vaadin 7 high 2021-04-19T14:49:32
(3 years ago)
Affected >= 8.0.0, < 8.12.3 >= 7.0.0, < 7.7.24 CVE-2021-31403
maven MAVEN:GHSA-75XC-QVXH-27F8 Timing side channel vulnerability in UIDL request handler in Vaadin 7 and 8 moderate 2021-04-19T14:51:06
(3 years ago)
Fixed = 8.12.3 = 7.7.24 CVE-2021-31403
maven MAVEN:GHSA-75XC-QVXH-27F8 Timing side channel vulnerability in UIDL request handler in Vaadin 7 and 8 moderate 2021-04-19T14:51:06
(3 years ago)
Affected >= 8.0.0, < 8.14.1 maven MAVEN:GHSA-J23J-Q57M-63V3 Denial of service in DataCommunicator class in Vaadin 8 moderate 2021-10-13T18:54:50
(2 years ago)
Fixed = 8.14.1 maven MAVEN:GHSA-J23J-Q57M-63V3 Denial of service in DataCommunicator class in Vaadin 8 moderate 2021-10-13T18:54:50
(2 years ago)
Affected >= 8.0.0, < 8.8.5 >= 7.4.0, < 7.7.20 CVE-2019-25028
maven MAVEN:GHSA-Q74R-4XW3-PPX9 Stored cross-site scripting in Grid component in Vaadin 7 and 8 moderate 2021-04-19T14:49:48
(3 years ago)
Fixed = 8.8.5 = 7.7.20 CVE-2019-25028
maven MAVEN:GHSA-Q74R-4XW3-PPX9 Stored cross-site scripting in Grid component in Vaadin 7 and 8 moderate 2021-04-19T14:49:48
(3 years ago)
Affected >= 8.0.0, < 8.14.1 CVE-2021-33609
maven MAVEN:GHSA-QCGX-CRRX-38V5 Denial of service in DataCommunicator class in Vaadin 8 moderate 2021-10-13T18:54:09
(2 years ago)
Fixed = 8.14.1 CVE-2021-33609
maven MAVEN:GHSA-QCGX-CRRX-38V5 Denial of service in DataCommunicator class in Vaadin 8 moderate 2021-10-13T18:54:09
(2 years ago)