Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2020-36319

Insecure configuration of default ObjectMapper in com.vaadin:flow-server versions 3.0.0 through 3.0.5 (Vaadin 15.0.0 through 15.0.4) may expose sensitive data if the application also uses e.g. @RestController
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.1%
CVSS Severity
CVSS v3 Score 3.1
CVSS v2 Score 3.5
Products affected by CVE-2020-36319
  • Vaadin » Flow » Version: 3.0.0
    cpe:2.3:a:vaadin:flow:3.0.0
  • Vaadin » Flow » Version: 3.0.1
    cpe:2.3:a:vaadin:flow:3.0.1
  • Vaadin » Flow » Version: 3.0.2
    cpe:2.3:a:vaadin:flow:3.0.2
  • Vaadin » Flow » Version: 3.0.3
    cpe:2.3:a:vaadin:flow:3.0.3
  • Vaadin » Flow » Version: 3.0.4
    cpe:2.3:a:vaadin:flow:3.0.4
  • Vaadin » Flow » Version: 3.0.5
    cpe:2.3:a:vaadin:flow:3.0.5
  • Vaadin » Vaadin » Version: 15.0.0
    cpe:2.3:a:vaadin:vaadin:15.0.0
  • Vaadin » Vaadin » Version: 15.0.1
    cpe:2.3:a:vaadin:vaadin:15.0.1
  • Vaadin » Vaadin » Version: 15.0.2
    cpe:2.3:a:vaadin:vaadin:15.0.2
  • Vaadin » Vaadin » Version: 15.0.3
    cpe:2.3:a:vaadin:vaadin:15.0.3
  • Vaadin » Vaadin » Version: 15.0.4
    cpe:2.3:a:vaadin:vaadin:15.0.4


Products
Pricing
Contact Us

Shodan ® - All rights reserved