Vaadin Checkbox Flow
Approved changes feed: RSS · Atom
cpe:2.3:a:vaadin:vaadin-checkbox-flow:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Vaadin (34b94bf1-d464-500e-83b4-751a8d81d66e) |
|---|---|
| Product | Vaadin Checkbox Flow (1091d51e-f608-5a57-92fb-62a73addc7c9) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/vaadin/flow-components |
purl2cpe | 2026-06-01 10:12:05.674339 |
pkg:github/vaadin/vaadin-checkbox-flow |
purl2cpe | 2026-06-01 10:12:05.674342 |
pkg:maven/com.vaadin/vaadin-checkbox-flow |
purl2cpe | 2026-06-01 10:12:05.674344 |
pkg:maven/com.vaadin/vaadin-checkbox-flow-parent |
purl2cpe | 2026-06-01 10:12:05.674347 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2021-33605 |
vulnerable | 2026-06-03 14:44:43.681329 |
Unauthorized property update in CheckboxGroup component in Vaadin 12-14 and 15-20
MEDIUM (4.3)
Improper check in CheckboxGroup in com.vaadin:vaadin-checkbox-flow versions 1.2.0 prior to 2.0.0 (Vaadin 12.0.0 prior to 14.0.0), 2.0.0 prior to 3.0.0 (Vaadin 14.0.0 prior to 14.5.0), 3.0.0 through 4.0.1 (Vaadin 15.0.0 through 17.0.11), 14.5.0 through 14.6.7 (Vaadin 14.5.0 through 14.6.7), and 18.0.0 through 20.0.5 (Vaadin 18.0.0 through 20.0.5) allows attackers to modify the value of a disabled Checkbox inside enabled CheckboxGroup component via unspecified vectors.
Published: 2021-08-25T12:12:41.760Z
Updated: 2024-09-17T02:53:05.351Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.