CNNVD-202509-662 Information

CNNVD ID

CNNVD-202509-662

CVE-2025-9467

  • CNNVD Published: 2025-09-04

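Description (translated from Chinese)

Vaadin is an open-source platform for web application development, released as open source by Vaadin. The Vaadin platform includes a set of web components, a Java web framework, and a set of tools and application starters. Vaadin contains a security vulnerability that stems from upload validation being bypassable. The following versions are affected: 7.0.0 through 7.7.47, 8.0.0 through 8.28.1, 14.0.0 through 14.13.0, 23.0.0 through 23.6.1, and 24.0.0 through 24.7.6.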

Description (English)

Vaadin is an open-source platform for web application development, maintained by Vaadin. The Vaadin platform consists of a set of web components, a Java web framework, and a set of tools and application starters. Vaadin has a security vulnerability that stems from upload validation that can be bypassed. The following versions are affected: 7.0.0 to 7.7.47, 8.0.0 to 8.28.1, 14.0.0 to 14.13.0, 23.0.0 to 23.6.1, and 24.0.0 to 24.7.6.

Hazard Level

High

Vulnerability Type

Other

Affected Vendor

Vaadin

Published

2025-09-04

Last Modified

2026-02-24

References

https://vaadin.com/security/cve-2025-9467

Patch

https://vaadin.com/security/cve-2025-9467
