CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-3095 – Incorrect parsing of the backslash characters in Dart library
https://notcve.org/view.php?id=CVE-2022-3095
The implementation of backslash parsing in the Dart URI class for versions prior to 2.18 and Flutter versions prior to 3.30 differs from the WhatWG URL standards. Dart uses the RFC 3986 syntax, which creates incompatibilities with the '\' characters in URIs, which can lead to auth bypass in webapps interpreting URIs. We recommend updating Dart or Flutter to mitigate the issue. La implementación del análisis de barra invertida en la clase Dart URI para versiones anteriores a 2.18 y versiones de Flutter anteriores a 3.30 difiere de los estándares de URL de WhatWG. Dart utiliza la sintaxis RFC 3986, que crea incompatibilidades con los caracteres '\' en los URI, lo que puede provocar una omisión de autenticación en las aplicaciones web que interpretan los URI. • https://github.com/dart-lang/sdk/blob/master/CHANGELOG.md#2182---2022-09-28 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-0451 – Auth bypass in Dark SDK
https://notcve.org/view.php?id=CVE-2022-0451
Dart SDK contains the HTTPClient in dart:io library whcih includes authorization headers when handling cross origin redirects. These headers may be explicitly set and contain sensitive information. By default, HttpClient handles redirection logic. If a request is sent to example.com with authorization header and it redirects to an attackers site, they might not expect attacker site to receive authorization header. We recommend updating the Dart SDK to version 2.16.0 or beyond. • https://dart-review.googlesource.com/c/sdk/+/229947 https://github.com/dart-lang/sdk/commit/57db739be0ad4629079bfa94840064f615d35abc • CWE-305: Authentication Bypass by Primary Weakness CWE-863: Incorrect Authorization •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2021-22567 – Bidirectional Override in Dart SDK
https://notcve.org/view.php?id=CVE-2021-22567
Bidirectional Unicode text can be interpreted and compiled differently than how it appears in editors which can be exploited to get nefarious code passed a code review by appearing benign. An attacker could embed a source that is invisible to a code reviewer that modifies the behavior of a program in unexpected ways. El texto Unicode bidireccional puede ser interpretado y compilado de forma diferente a como aparece en los editores, lo que puede ser explotado para conseguir que el código nefasto pase una revisión de código aparentando ser benigno. Un atacante podría insertar una fuente invisible para un revisor de código que modifique el comportamiento de un programa de forma no esperada. • https://github.com/dart-lang/sdk/blob/main/CHANGELOG.md https://github.com/dart-lang/sdk/commit/52519ea8eb4780c468c4c2ed00e7c8046ccfed41 • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-22568 – Dart - Publishing to third-party package repositories may expose pub.dev credentials
https://notcve.org/view.php?id=CVE-2021-22568
When using the dart pub publish command to publish a package to a third-party package server, the request would be authenticated with an oauth2 access_token that is valid for publishing on pub.dev. Using these obtained credentials, an attacker can impersonate the user on pub.dev. We recommend upgrading past https://github.com/dart-lang/sdk/commit/d787e78d21e12ec1ef712d229940b1172aafcdf8 or beyond version 2.15.0 Cuando es usado el comando dart pub publish para publicar un paquete en un servidor de paquetes de terceros, la petición se autentifica con un access_token oauth2 válido para publicar en pub.dev. Usando estas credenciales obtenidas, un atacante puede suplantar al usuario en pub.dev. Se recomienda actualizar a partir de https://github.com/dart-lang/sdk/commit/d787e78d21e12ec1ef712d229940b1172aafcdf8 o de la versión 2.15 • https://github.com/dart-lang/sdk/blob/main/CHANGELOG.md https://github.com/dart-lang/sdk/commit/d787e78d21e12ec1ef712d229940b1172aafcdf8 https://github.com/dart-lang/sdk/security/advisories/GHSA-r32f-vhjp-qhj7 • CWE-255: Credentials Management Errors CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-22540 – XSS in Dart SDK
https://notcve.org/view.php?id=CVE-2021-22540
Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use an XSS attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not sanitize properly when it came across template tags. Una mala lógica de comprobación en el Dart SDK versiones anteriores a 2.12.3 permite a un atacante usar un ataque de tipo XSS por medio de DOM clobbering. La lógica de comprobación en dart: html para crear nodos DOM a partir de texto no se saneaban apropiadamente cuando se encontraba con etiquetas de plantilla • https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588 https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •