Homepage

com.vaadin:vaadin vulnerabilities

Licenses: Apache-2.0
Published: 16 years ago Last updated: 25 days ago Latest version: 24.9.3 Latest non-vulnerable version: 25.0.0-beta2

License

Apache-2.0[0,);
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the com.vaadin:vaadin package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • L
Debug Messages Revealing Unnecessary Information

[10.0.0,10.0.24)[11.0.0,14.10.2)[15.0.0,22.1.0)[23.0.0,23.3.14)[24.0.0,24.0.7)[24.1.0.alpha1,24.1.0)
  • M
Information Exposure

[10.0.0,10.0.23)[11.0.0,14.10.1)[23.0.0,23.3.13)[24.0.0,24.0.6)[24.1.0.alpha1,24.1.0)
  • M
Regular Expression Denial of Service (ReDoS)

[0,8.0)
  • M
Cross-site Scripting (XSS)

[,6.4.9)

Package versions

666 VERSIONS IN TOTAL See all versions
versionpublisheddirect vulnerabilities
25.0.0-beta220 Oct, 2025
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
25.0.0-beta115 Oct, 2025
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
24.9.317 Oct, 2025
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
24.9.23 Oct, 2025
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
24.9.130 Sep, 2025
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
24.9.016 Sep, 2025
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
24.9.0-rc211 Sep, 2025
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
24.9.0-rc110 Sep, 2025
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
24.9.0-beta38 Sep, 2025
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L
24.9.0-beta229 Aug, 2025
  • 0
    C
  • 0
    H
  • 0
    M
  • 0
    L