CVE-2020-36319

Information Exposure in maven/com.vaadin/flow-server

Identifier

CVE-2020-36319

Package Slug

maven/com.vaadin/flow-server

Vulnerability

Information Exposure

Description

Insecure configuration of default ObjectMapper in com.vaadin:flow-server may expose sensitive data if the application also uses e.g. @RestController

Affected Versions

All versions starting from 3.0.0 through 3.0.5

Solution

Upgrade to version 3.0.6 or higher.

Last Modified

2021-05-07

source