CVE-2023-25500

🗓️ 22 Jun 2023 12:49:06Reported by VaadinType

CVE-2023-25500 Vaadin information disclosure vulnerabilit

Reporter	Title	Published	Views	Family All 15
Circl	CVE-2023-25500	28 Jan 202400:20	–	circl
CNNVD	Vaadin 信息泄露漏洞	22 Jun 202300:00	–	cnnvd
Cvelist	CVE-2023-25500	22 Jun 202312:49	–	cvelist
EUVD	EUVD-2023-1775	3 Oct 202520:07	–	euvd
Github Security Blog	Vaadin vulnerable to possible information disclosure of class and method names in RPC response	22 Jun 202320:01	–	github
NVD	CVE-2023-25500	22 Jun 202313:15	–	nvd
OSV	CVE-2023-25500	22 Jun 202313:15	–	osv
OSV	GHSA-CH48-9R3Q-PV7X Vaadin vulnerable to possible information disclosure of class and method names in RPC response	22 Jun 202320:01	–	osv
Prion	Information disclosure	22 Jun 202313:15	–	prion
Vaadin	Possible information disclosure of class and method names in RPC response	22 Jun 202300:00	–	vaadin

NVD

Node

vaadin vaadinRange10.0.0–10.0.23

vaadin vaadinRange11.0.0–14.10.2

vaadin vaadinRange15.0.0–22.0.28

vaadin vaadinRange23.0.0–23.3.14

vaadin vaadinRange24.0.0–24.0.7

vaadin vaadinMatch24.1.0alpha1

vaadin vaadinMatch24.1.0alpha2

vaadin vaadinMatch24.1.0alpha3

vaadin vaadinMatch24.1.0alpha4

vaadin vaadinMatch24.1.0alpha5

vaadin vaadinMatch24.1.0alpha6

vaadin vaadinMatch24.1.0beta1

vaadin vaadinMatch24.1.0beta2

vaadin vaadinMatch24.1.0beta3

vaadin vaadinMatch24.1.0rc1

vaadin vaadinMatch24.1.0rc2

[
  {
    "defaultStatus": "unaffected",
    "product": "vaadin",
    "vendor": "vaadin",
    "versions": [
      {
        "lessThanOrEqual": "10.0.23",
        "status": "affected",
        "version": "10.0.0",
        "versionType": "maven"
      },
      {
        "lessThanOrEqual": "14.10.1",
        "status": "affected",
        "version": "11.0.0",
        "versionType": "maven"
      },
      {
        "lessThanOrEqual": "22.0.8",
        "status": "affected",
        "version": "15.0.0",
        "versionType": "maven"
      },
      {
        "lessThanOrEqual": "23.3.13",
        "status": "affected",
        "version": "23.0.0",
        "versionType": "maven"
      },
      {
        "lessThanOrEqual": "24.0.6",
        "status": "affected",
        "version": "24.0.0",
        "versionType": "maven"
      },
      {
        "lessThanOrEqual": "24.1.0.rc2",
        "status": "affected",
        "version": "24.1.0.alpha1",
        "versionType": "maven"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "flow-server",
    "vendor": "flow",
    "versions": [
      {
        "lessThanOrEqual": "1.0.20",
        "status": "affected",
        "version": "1.0.0",
        "versionType": "maven"
      },
      {
        "lessThanOrEqual": "2.9.2",
        "status": "affected",
        "version": "1.1.0",
        "versionType": "maven"
      },
      {
        "lessThanOrEqual": "9.1.1",
        "status": "affected",
        "version": "3.0.0",
        "versionType": "maven"
      },
      {
        "lessThanOrEqual": "23.3.12",
        "status": "affected",
        "version": "23.0.0",
        "versionType": "maven"
      },
      {
        "lessThanOrEqual": "24.0.8",
        "status": "affected",
        "version": "24.0.0",
        "versionType": "maven"
      },
      {
        "lessThanOrEqual": "24.1.0.rc3",
        "status": "affected",
        "version": "24.1.0.alpha1",
        "versionType": "maven"
      }
    ]
  }
]

Source	Link
github	www.github.com/vaadin/flow/pull/16935
vaadin	www.vaadin.com/security/cve-2023-25500

21 Nov 2024 07:49Current

4.3Medium risk

Vulners AI Score4.3

CVSS 3.13.5 - 4.3

EPSS0.00305

SSVC

CWE-200