Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistVaadinCVELIST:CVE-2021-31403
HistoryFeb 12, 2021 - 12:00 a.m.

CVE-2021-31403 Timing side channel vulnerability in UIDL request handler in Vaadin 7 and 8

2021-02-1200:00:00
CWE-208
Vaadin
raw.githubusercontent.com
2

6.8 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

16.4%

JSON

Non-constant-time comparison of CSRF tokens in UIDL request handler in com.vaadin:vaadin-server versions 7.0.0 through 7.7.23 (Vaadin 7.0.0 through 7.7.23), and 8.0.0 through 8.12.2 (Vaadin 8.0.0 through 8.12.2) allows attacker to guess a security token via timing attack

Related

osv 2
prion 1
ibm 4
github 1
cve 1
vaadin 1
osv
osv
CVE-2021-31403
2021-04-23 16:15:08
Timing side channel vulnerability in UIDL request handler in Vaadin 7 and 8
2021-04-19 14:51:06
prion
prion
Cross site request forgery (csrf)
2021-04-23 16:15:00
ibm
ibm
Security Bulletin: IBM Security Verify Governance is vulnerable to sensitive information exposure (CVE-2021-31403)
2023-04-04 12:42:05
Security Bulletin: IBM Security Verify Governance is vulnerable to sensitive information exposure (CVE-2021-31403)
2023-04-20 10:28:17
Security Bulletin: IBM Security Verify Governance is vulnerable to sensitive information exposure and denial of service (CVE-2021-31403, CVE-2021-33609)
2023-04-20 10:39:50
github
github
Timing side channel vulnerability in UIDL request handler in Vaadin 7 and 8
2021-04-19 14:51:06
cve
cve
CVE-2021-31403
2021-04-23 16:15:00
vaadin
vaadin
Timing side channel vulnerability in UIDL request handler in Vaadin 7 and 8
2021-02-12 00:00:00

6.8 Medium

AI Score

Confidence

Low

0.0005 Low

EPSS

Percentile

16.4%

JSON
Related for CVELIST:CVE-2021-31403
osv2prion1ibm4github1cve1vaadin1