Release Vaadin 24.0.11 · vaadin/platform

This is a maintenance release for Vaadin 24.0. See 24.0.0 release notes for details and resources.

Note

To fix cve-2023-34035, Spring Security 6.0.5 has been introduced a breaking change. Vaadin 24.0.11 is compatible with the latest Springboot containing the breaking change.

Changelogs

Flow (24.0.12) and Hilla (2.0.11)
Design System
- Web Components (24.0.12)
- Flow Components (24.0.11)
Designer (Release notes)
Design System Publisher (Documentation)
TestBench (9.0.4)
Classic Components(24.0.0)
Multiplatform Runtime (MPR) (7.0.6)
Router (1.7.5)
Vaadin Kits
- Azure Kit (1.0.0)
- Collaboration Kit (6.0.0)
- Kubernetes Kit (2.0.0)
- Observability Kit (2.0.0)
- SSO Kit (2.0.5)
- Swing Kit (2.0.0)
Designer (Release notes)

Official add-ons and plugins:

Spring add-on (24.0.12)
CDI add-on (15.0.1)
Maven plugin (24.0.11)
Gradle plugin (24.0.11)
Quarkus plugin (2.0.1)

known vulnerability

TestBench brings the dependency pkg:maven/com.google.guava/[email protected], that has the vulnerability described in CVE-2020-8908 and CVE-2023-2976, the problematic method has been deprecated in guava and it is not used in Vaadin.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Vaadin 24.0.11

Note

Changelogs

known vulnerability