Lucene search
Veracode Vulnerability DatabaseVERACODE:35700HistoryMay 25, 2022 - 7:23 a.m.
Information Disclosure
2022-05-2507:23:57
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
0.002 Low
EPSS
Percentile
52.5%
Vaadin-grid-flow is vulnerable to information disclosure. The vulnerability exists in treegrid component due to the use of a numeric incremental id as a key for grid items on client side which allows an attacker to get access to sensitive information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| vaadin grid | le | 22.0.14 | |
| vaadin grid | le | 14.8.9 | |
| vaadin grid | le | 23.0.8 | |
| vaadin grid | le | 22.0.14 | |
| vaadin grid | le | 14.8.9 | |
| vaadin grid | le | 23.0.8 |
Related
vaadin
vaadin
cvelist
cvelist
cve
cve
CVE-2022-29567
2022-05-24 15:15:08
osv
osv
Possible information disclosure inside TreeGrid component with default data provider
2022-05-25 22:40:03
CVE-2022-29567
2022-05-24 15:15:08
nvd
nvd
CVE-2022-29567
2022-05-24 15:15:08
github
github
prion
prion
Default configuration
2022-05-24 15:15:00