EUVD-2022-4962

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Potential information disclosure in TreeGrid component in Vaadin versions 14.8.5 to 23.1.0.alpha4.

Reporter	Title	Published	Views	Family All 12
ATTACKERKB	CVE-2022-29567	24 May 202210:44	–	attackerkb
Circl	CVE-2022-29567	24 May 202218:37	–	circl
CNNVD	Vaadin Flow Components 信息泄露漏洞	24 May 202200:00	–	cnnvd
CVE	CVE-2022-29567	24 May 202214:20	–	cve
Cvelist	CVE-2022-29567 Possible information disclosure inside TreeGrid component with default data provider	24 May 202214:20	–	cvelist
Github Security Blog	Possible information disclosure inside TreeGrid component with default data provider	25 May 202222:40	–	github
NVD	CVE-2022-29567	24 May 202215:15	–	nvd
OSV	CVE-2022-29567	24 May 202215:15	–	osv
OSV	GHSA-QFR3-323W-QV27 Possible information disclosure inside TreeGrid component with default data provider	25 May 202222:40	–	osv
Prion	Default configuration	24 May 202215:15	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "6aaa98e1-37db-37a8-895b-e35ebdcdf64b",
        "vendor": {
          "name": "Vaadin"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "0bfb7dd4-8b67-3e18-a94b-8778ad80d2fd",
        "product": {
          "name": "Vaadin"
        },
        "product_version": "unspecified ≤22.0.14"
      },
      {
        "id": "1a11f8b1-c92b-38b9-b62e-bf9d5dedb683",
        "product": {
          "name": "vaadin-grid-flow"
        },
        "product_version": "14.8.5 <unspecified"
      },
      {
        "id": "281cd999-0f28-393a-97d8-88a4ba8c2244",
        "product": {
          "name": "vaadin-grid-flow"
        },
        "product_version": "unspecified ≤23.0.8"
      },
      {
        "id": "5405e1cb-e925-352d-907c-ca167270c051",
        "product": {
          "name": "vaadin-grid-flow"
        },
        "product_version": "23.0.0.beta2 <unspecified"
      },
      {
        "id": "5d40ea3d-b5ba-3656-9df9-8f78c6400ec4",
        "product": {
          "name": "vaadin-grid-flow"
        },
        "product_version": "22.0.6 <unspecified"
      },
      {
        "id": "6e17a313-1f53-3894-9a2f-270d571178e2",
        "product": {
          "name": "Vaadin"
        },
        "product_version": "23.1.0.alpha1 <unspecified"
      },
      {
        "id": "76b196a9-44fc-3059-aa03-795cbf2bb8f1",
        "product": {
          "name": "Vaadin"
        },
        "product_version": "23.0.0.beta2 <unspecified"
      },
      {
        "id": "771bd7f0-8d65-32bf-b18c-f6739674a134",
        "product": {
          "name": "Vaadin"
        },
        "product_version": "14.8.5 <unspecified"
      },
      {
        "id": "85ac18f0-20bb-3359-b028-fb86ae00a316",
        "product": {
          "name": "vaadin-grid-flow"
        },
        "product_version": "23.1.0.alpha1 <unspecified"
      },
      {
        "id": "a2626ed0-2eff-3c01-946e-bdd742e62554",
        "product": {
          "name": "Vaadin"
        },
        "product_version": "unspecified ≤14.8.9"
      },
      {
        "id": "b2fe9eed-adfc-3c7e-9bb1-f5e27e1225f2",
        "product": {
          "name": "vaadin-grid-flow"
        },
        "product_version": "unspecified ≤14.8.9"
      },
      {
        "id": "b6f9e404-606f-39e4-a770-2a098b471144",
        "product": {
          "name": "vaadin-grid-flow"
        },
        "product_version": "unspecified ≤22.0.14"
      },
      {
        "id": "c851f363-37e0-32e2-ac5f-513a6971a058",
        "product": {
          "name": "Vaadin"
        },
        "product_version": "unspecified ≤23.0.8"
      },
      {
        "id": "c8fe49f8-15bb-3788-8840-0720ea1f2b82",
        "product": {
          "name": "Vaadin"
        },
        "product_version": "unspecified ≤23.1.0.alpha4"
      },
      {
        "id": "da6cb766-f4fb-3208-be19-f843758b4dbe",
        "product": {
          "name": "vaadin-grid-flow"
        },
        "product_version": "unspecified ≤23.1.0.alpha4"
      },
      {
        "id": "f263a72b-9006-3b69-ab9e-97b13612753c",
        "product": {
          "name": "Vaadin"
        },
        "product_version": "22.0.6 <unspecified"
      }
    ]
  }
]

Source	Link
github	www.github.com/vaadin/platform/security/advisories/GHSA-qfr3-323w-qv27
nvd	www.nvd.nist.gov/vuln/detail/CVE-2022-29567
github	www.github.com/vaadin/flow-components/pull/3046
github	www.github.com/vaadin/platform
vaadin	www.vaadin.com/security/cve-2022-29567

03 Oct 2025 20:07Current

7.5High risk

Vulners AI Score7.5

CVSS 3.15.7 - 7.5

CVSS 25

EPSS0.00267