Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2022-29567
HistoryMay 24, 2022 - 3:15 p.m.

CVE-2022-29567

2022-05-2415:15:08
Google
osv.dev
7
treegrid component
vaadin 14.8.5
vaadin 14.8.9
vaadin 22.0.6
vaadin 22.0.14
vaadin 23.0.0.beta2
vaadin 23.0.8
vaadin 23.1.0.alpha1
information disclosure

AI Score

6.4

Confidence

High

EPSS

0.002

Percentile

52.5%

JSON

The default configuration of a TreeGrid component uses Object::toString as a key on the client-side and server communication in Vaadin 14.8.5 through 14.8.9, 22.0.6 through 22.0.14, 23.0.0.beta2 through 23.0.8 and 23.1.0.alpha1 through 23.1.0.alpha4, resulting in potential information disclosure of values that should not be available on the client-side.

Related

vaadin 1
cvelist 1
nvd 1
prion 1
osv 1
cve 1
github 1
veracode 1
vaadin
vaadin
Possible information disclosure inside TreeGrid component with default data provider
2022-05-24 00:00:00
cvelist
cvelist
CVE-2022-29567 Possible information disclosure inside TreeGrid component with default data provider
2022-05-24 14:20:19
nvd
nvd
CVE-2022-29567
2022-05-24 15:15:08
prion
prion
Default configuration
2022-05-24 15:15:00
osv
osv
Possible information disclosure inside TreeGrid component with default data provider
2022-05-25 22:40:03
cve
cve
CVE-2022-29567
2022-05-24 15:15:08
github
github
Possible information disclosure inside TreeGrid component with default data provider
2022-05-25 22:40:03
veracode
veracode
Information Disclosure
2022-05-25 07:23:57

AI Score

6.4

Confidence

High

EPSS

0.002

Percentile

52.5%

JSON
Related for OSV:CVE-2022-29567
vaadin1cvelist1nvd1prion1osv1cve1github1veracode1