0.001 Low
EPSS
Percentile
41.4%
flow-server is vulnerable to information disclosure. Insecure configuration of the default ObjectMapper discloses confidential data if the application also uses e.g. @RestController.
@RestController
github.com/advisories/GHSA-76f4-fw33-6j2v
github.com/vaadin/flow/issues/8010
github.com/vaadin/flow/pull/8016
github.com/vaadin/flow/pull/8051
vaadin.com/security/cve-2020-36319