CVE-2020-36319

Information Exposure in maven/com.vaadin/vaadin-server

Identifier

CVE-2020-36319

Package Slug

maven/com.vaadin/vaadin-server

Vulnerability

Information Exposure

Description

Insecure configuration of default ObjectMapper in com.vaadin:flow-server may expose sensitive data if the application also uses @RestController

Affected Versions

All versions starting from 15.0.0 before 15.0.5

Solution

Upgrade to version 15.0.5 or above.

Last Modified

2021-05-10

source