ch.artaios:openchemlib-vaadin (>=1.0.0 <=3.0.0), ch.jubnl:vsecureflow (>=0.0.15 <=0.0.16) +651 more potentially affected by CVE-2021-31407 via com.vaadin:flow-server (>=1.2.0 <=2.4.7)

com.vaadin:flow-server MAVEN version =1.2.0, =1.0.0, =0.0.15, =2.1.1, =1.0.0, =1.0.0, =1.0.0, =0.1, =1.0.0, =1.4.0, =0.1.0, =0.2.0 - com.github.jochenw.afw:afw-vdn =0.9.2 and more Source cves: CVE-2021-31407 Source advisory: OSV:GHSA-25XC-JWFQ-39JW...

PT-2021-19288 · Vaadin · Com.Vaadin:Flow-Server

Name of the Vulnerable Software and Affected Versions: com.vaadin:flow-server versions 1.2.0 through 2.4.7 com.vaadin:flow-server versions 6.0.0 through 6.0.1 Description: The issue allows an attacker to access application classes and resources on the server via a crafted HTTP request. This is du...