CVE-2021-31407: Exposure of Resource to Wrong Sphere
(updated )
Vulnerability in OSGi integration in com.vaadin:flow-server (Vaad ) (Vaad ) allows attacker to access application classes and resources on the server via crafted HTTP request.
References
Detect and mitigate CVE-2021-31407 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →