0.003 Low
EPSS
Percentile
65.1%
vaadin-bom is vulnerable to information disclosure. The OSGi integration allows an attacker to access application classes and resources on the server via a malicious HTTP request.
github.com/advisories/GHSA-25xc-jwfq-39jw
github.com/advisories/GHSA-j9wr-49vq-rm5g
github.com/vaadin/flow/pull/10229
github.com/vaadin/flow/pull/10269
github.com/vaadin/osgi/issues/50
vaadin.com/security/cve-2021-31407