Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Denial of service in DataCommunicator class in Vaadin 8
Vulnerability Description
Missing check in DataCommunicator class in com.vaadin:vaadin-server versions 8.0.0 through 8.14.0 (Vaadin 8.0.0 through 8.14.0) allows authenticated network attacker to cause heap exhaustion by requesting too many rows of data.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
vaadin-server 输入验证错误漏洞
Vulnerability Description
vaadin-server是Vaadin开源的一个应用软件。一个用于在Java后端上快速开发Web应用程序的平台。 vaadin-server 中存在输入验证错误漏洞,该漏洞源于当提交过多的数据时会导致服务的DataCommunicator类中的堆错误。
CVSS Information
N/A
Vulnerability Type
N/A