Missing check in DataCommunicator class in com.vaadin:vaadin-server versions 8.0.0 up to and including 8.14.0 (Vaadin 8.0.0 up to and including 8.14.0) allows authenticated network malicious user to cause heap exhaustion by requesting too many rows of data.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vaadin vaadin |