Vulnerabilities related to dart - dart_software_development_kit
CVE-2021-22567 (GCVE-0-2021-22567)
Vulnerability from cvelistv5
Published
2022-01-05 10:55
Modified
2025-04-21 13:57
CWE
- CWE-284 - Improper Access Control
Summary
Bidirectional Unicode text can be interpreted and compiled differently from how it appears in editors, which can be exploited to get nefarious code past a code review by making it appear benign. An attacker could embed source text that is invisible to a code reviewer and that modifies the behavior of a program in unexpected ways.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dart-lang/sdk/blob/main/CHANGELOG.md | x_refsource_MISC | |
https://github.com/dart-lang/sdk/commit/52519ea8eb4780c468c4c2ed00e7c8046ccfed41 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Google LLC | Dart SDK |
Version: unspecified < 2.15.0-268.18.beta |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T18:44:14.038Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dart-lang/sdk/blob/main/CHANGELOG.md" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dart-lang/sdk/commit/52519ea8eb4780c468c4c2ed00e7c8046ccfed41" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2021-22567", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-21T13:35:56.111280Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-21T13:57:18.231Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Dart SDK", "vendor": "Google LLC", "versions": [ { "lessThan": "2.15.0-268.18.beta", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "datePublic": "2021-11-16T00:00:00.000Z", "descriptions": [ { "lang": "en", "value": "Bidirectional Unicode text can be interpreted and compiled differently than how it appears in editors which can be exploited to get nefarious code passed a code review by appearing benign. An attacker could embed a source that is invisible to a code reviewer that modifies the behavior of a program in unexpected ways." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-284", "description": "CWE-284 Improper Access Control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-01-05T10:55:11.000Z", "orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dart-lang/sdk/blob/main/CHANGELOG.md" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dart-lang/sdk/commit/52519ea8eb4780c468c4c2ed00e7c8046ccfed41" } ], "source": { "discovery": "INTERNAL" }, "title": "Bidirectional Override in Dart SDK", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@google.com", "DATE_PUBLIC": "2021-11-16T23:00:00.000Z", "ID": "CVE-2021-22567", "STATE": "PUBLIC", "TITLE": "Bidirectional Override in Dart SDK" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Dart SDK", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "2.15.0-268.18.beta" } ] } } ] }, "vendor_name": "Google LLC" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Bidirectional Unicode text can be interpreted and compiled differently than how it appears in editors which can be exploited to get nefarious code passed a code review by appearing benign. An attacker could embed a source that is invisible to a code reviewer that modifies the behavior of a program in unexpected ways." 
} ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-284 Improper Access Control" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/dart-lang/sdk/blob/main/CHANGELOG.md", "refsource": "MISC", "url": "https://github.com/dart-lang/sdk/blob/main/CHANGELOG.md" }, { "name": "https://github.com/dart-lang/sdk/commit/52519ea8eb4780c468c4c2ed00e7c8046ccfed41", "refsource": "MISC", "url": "https://github.com/dart-lang/sdk/commit/52519ea8eb4780c468c4c2ed00e7c8046ccfed41" } ] }, "source": { "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "assignerShortName": "Google", "cveId": "CVE-2021-22567", "datePublished": "2022-01-05T10:55:11.851Z", "dateReserved": "2021-01-05T00:00:00.000Z", "dateUpdated": "2025-04-21T13:57:18.231Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-22540 (GCVE-0-2021-22540)
Vulnerability from cvelistv5
Published
2021-04-22 14:15
Modified
2024-08-03 18:44
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation
Summary
Bad validation logic in Dart SDK versions prior to 2.12.3 allows an attacker to carry out an XSS attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not sanitize properly when it came across template tags.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522 | x_refsource_CONFIRM | |
https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588 | x_refsource_CONFIRM |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Google LLC | Dart SDK |
Version: stable < 2.12.3 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T18:44:14.025Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Dart SDK", "vendor": "Google LLC", "versions": [ { "lessThan": "2.12.3", "status": "affected", "version": "stable", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Vincenzo di Cicco" } ], "descriptions": [ { "lang": "en", "value": "Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use an XSS attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not sanitize properly when it came across template tags." 
} ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-04-22T14:15:17", "orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588" } ], "source": { "discovery": "EXTERNAL" }, "title": "XSS in Dart SDK", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@google.com", "ID": "CVE-2021-22540", "STATE": "PUBLIC", "TITLE": "XSS in Dart SDK" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Dart SDK", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "stable", "version_value": "2.12.3" } ] } } ] }, "vendor_name": "Google LLC" } ] } }, "credit": [ { "lang": "eng", "value": "Vincenzo di Cicco" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use an XSS attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not sanitize properly when it came across template tags." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-79: Improper Neutralization of Input During Web Page Generation" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522", "refsource": "CONFIRM", "url": "https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522" }, { "name": "https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588", "refsource": "CONFIRM", "url": "https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588" } ] }, "source": { "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "assignerShortName": "Google", "cveId": "CVE-2021-22540", "datePublished": "2021-04-22T14:15:17", "dateReserved": "2021-01-05T00:00:00", "dateUpdated": "2024-08-03T18:44:14.025Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-0451 (GCVE-0-2022-0451)
Vulnerability from cvelistv5
Published
2022-02-18 13:35
Modified
2025-04-21 13:56
CWE
- CWE-305 - Authentication Bypass by Primary Weakness
Summary
The Dart SDK contains the HttpClient in the dart:io library, which includes authorization headers when handling cross-origin redirects. These headers may be explicitly set and contain sensitive information. By default, HttpClient handles redirection logic. If a request is sent to example.com with an authorization header and it redirects to an attacker's site, the sender might not expect the attacker's site to receive the authorization header. We recommend updating the Dart SDK to version 2.16.0 or beyond.
References
▼ | URL | Tags |
---|---|---|
https://dart-review.googlesource.com/c/sdk/+/229947 | x_refsource_MISC | |
https://github.com/dart-lang/sdk/commit/57db739be0ad4629079bfa94840064f615d35abc | x_refsource_MISC |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Google LLC | Dart SDK |
Version: unspecified < 2.16.0 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T23:25:40.615Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://dart-review.googlesource.com/c/sdk/+/229947" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dart-lang/sdk/commit/57db739be0ad4629079bfa94840064f615d35abc" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-0451", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-04-21T13:36:05.316828Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-21T13:56:39.087Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Dart SDK", "vendor": "Google LLC", "versions": [ { "lessThan": "2.16.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "datePublic": "2022-02-03T00:00:00.000Z", "descriptions": [ { "lang": "en", "value": "Dart SDK contains the HTTPClient in dart:io library whcih includes authorization headers when handling cross origin redirects. These headers may be explicitly set and contain sensitive information. By default, HttpClient handles redirection logic. If a request is sent to example.com with authorization header and it redirects to an attackers site, they might not expect attacker site to receive authorization header. We recommend updating the Dart SDK to version 2.16.0 or beyond." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-305", "description": "CWE-305 Authentication Bypass by Primary Weakness", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-02-18T13:35:11.000Z", "orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://dart-review.googlesource.com/c/sdk/+/229947" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dart-lang/sdk/commit/57db739be0ad4629079bfa94840064f615d35abc" } ], "source": { "discovery": "INTERNAL" }, "title": "Auth bypass in Dark SDK", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@google.com", "DATE_PUBLIC": "2022-02-03T11:00:00.000Z", "ID": "CVE-2022-0451", "STATE": "PUBLIC", "TITLE": "Auth bypass in Dark SDK" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Dart SDK", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "2.16.0" } ] } } ] }, "vendor_name": "Google LLC" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Dart SDK contains the HTTPClient in dart:io library whcih includes authorization headers when handling cross origin redirects. These headers may be explicitly set and contain sensitive information. By default, HttpClient handles redirection logic. 
If a request is sent to example.com with authorization header and it redirects to an attackers site, they might not expect attacker site to receive authorization header. We recommend updating the Dart SDK to version 2.16.0 or beyond." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-305 Authentication Bypass by Primary Weakness" } ] } ] }, "references": { "reference_data": [ { "name": "https://dart-review.googlesource.com/c/sdk/+/229947", "refsource": "MISC", "url": "https://dart-review.googlesource.com/c/sdk/+/229947" }, { "name": "https://github.com/dart-lang/sdk/commit/57db739be0ad4629079bfa94840064f615d35abc", "refsource": "MISC", "url": "https://github.com/dart-lang/sdk/commit/57db739be0ad4629079bfa94840064f615d35abc" } ] }, "source": { "discovery": "INTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "assignerShortName": "Google", "cveId": "CVE-2022-0451", "datePublished": "2022-02-18T13:35:11.903Z", "dateReserved": "2022-02-01T00:00:00.000Z", "dateUpdated": "2025-04-21T13:56:39.087Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2022-3095 (GCVE-0-2022-3095)
Vulnerability from cvelistv5
Published
2022-10-27 00:00
Modified
2025-04-21 13:47
CWE
- CWE-20 - Improper Input Validation
Summary
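The implementation of backslash parsing in the Dart URI class for versions prior to 2.18 and Flutter versions prior to 3.30 differs from the WHATWG URL standard. Dart uses the RFC 3986 syntax, which creates incompatibilities with the '\' character in URIs, which can lead to auth bypass in webapps interpreting URIs. We recommend updating Dart or Flutter to mitigate the issue. (Note: the impacted-products data for this record lists Dart stable < 2.18.2 and Flutter < 3.3.3, which does not match the version numbers given in this summary; check the affected-version data when deciding what to patch.)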
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Google LLC | Dart |
Version: stable < 2.18.2 Version: Flutter < 3.3.3 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T01:00:10.279Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/dart-lang/sdk/blob/master/CHANGELOG.md#2182---2022-09-28" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2022-3095", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-04-21T13:38:07.289386Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-04-21T13:47:41.466Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "platforms": [ "all" ], "product": "Dart", "vendor": "Google LLC", "versions": [ { "lessThan": "2.18.2", "status": "affected", "version": "stable", "versionType": "custom" }, { "lessThan": "3.3.3", "status": "affected", "version": "Flutter", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Sohom Datta, Cryptonite, MIT Manipal" } ], "descriptions": [ { "lang": "en", "value": "The implementation of backslash parsing in the Dart URI class for versions prior to 2.18 and Flutter versions prior to 3.30 differs from the WhatWG URL standards. Dart uses the RFC 3986 syntax, which creates incompatibilities with the \u0027\\\u0027 characters in URIs, which can lead to auth bypass in webapps interpreting URIs. We recommend updating Dart or Flutter to mitigate the issue." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-27T00:00:00.000Z", "orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google" }, "references": [ { "url": "https://github.com/dart-lang/sdk/blob/master/CHANGELOG.md#2182---2022-09-28" } ], "source": { "discovery": "EXTERNAL" }, "title": "Incorrect parsing of the backslash characters in Dart library", "x_generator": { "engine": "Vulnogram 0.0.9" } } }, "cveMetadata": { "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "assignerShortName": "Google", "cveId": "CVE-2022-3095", "datePublished": "2022-10-27T00:00:00.000Z", "dateReserved": "2022-09-02T00:00:00.000Z", "dateUpdated": "2025-04-21T13:47:41.466Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2020-8923 (GCVE-0-2020-8923)
Vulnerability from cvelistv5
Published
2020-03-26 11:31
Modified
2024-08-04 10:12
CWE
- CWE-79 - Cross-site Scripting (XSS)
Summary
Improper HTML sanitization in Dart versions up to and including 2.7.1, and dev versions up to and including 2.8.0-dev.16.0, allows an attacker leveraging DOM clobbering techniques to skip the sanitization and inject custom HTML/JavaScript (XSS). Mitigation: update your Dart SDK to 2.7.2, or to 2.8.0-dev.17.0 for the dev version. If you cannot update, we recommend you review the way you use the affected APIs, and pay special attention to cases where user-provided data is used to populate DOM nodes. Consider using Element.innerText or Node.text to populate DOM elements.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dart-lang/sdk/security/advisories/GHSA-hfq3-v9pv-p627 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T10:12:10.987Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/dart-lang/sdk/security/advisories/GHSA-hfq3-v9pv-p627" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Dart SDK", "vendor": "Google", "versions": [ { "lessThanOrEqual": "2.7.1", "status": "affected", "version": "stable", "versionType": "custom" }, { "lessThanOrEqual": "2.8.0-dev.16.0", "status": "affected", "version": "dev", "versionType": "custom" } ] } ], "credits": [ { "lang": "en", "value": "Vincenzo di Cicco" } ], "descriptions": [ { "lang": "en", "value": "An improper HTML sanitization in Dart versions up to and including 2.7.1 and dev versions 2.8.0-dev.16.0, allows an attacker leveraging DOM Clobbering techniques to skip the sanitization and inject custom html/javascript (XSS). Mitigation: update your Dart SDK to 2.7.2, and 2.8.0-dev.17.0 for the dev version. If you cannot update, we recommend you review the way you use the affected APIs, and pay special attention to cases where user-provided data is used to populate DOM nodes. Consider using Element.innerText or Node.text to populate DOM elements." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Cross-site Scripting (XSS)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-03-26T11:31:55", "orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dart-lang/sdk/security/advisories/GHSA-hfq3-v9pv-p627" } ], "source": { "discovery": "EXTERNAL" }, "title": "XSS in Dart", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@google.com", "ID": "CVE-2020-8923", "STATE": "PUBLIC", "TITLE": "XSS in Dart" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Dart SDK", "version": { "version_data": [ { "version_affected": "\u003c=", "version_name": "stable", "version_value": "2.7.1" }, { "version_affected": "\u003c=", "version_name": "dev", "version_value": "2.8.0-dev.16.0" } ] } } ] }, "vendor_name": "Google" } ] } }, "credit": [ { "lang": "eng", "value": "Vincenzo di Cicco" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An improper HTML sanitization in Dart versions up to and including 2.7.1 and dev versions 2.8.0-dev.16.0, allows an attacker leveraging DOM Clobbering techniques to skip the sanitization and inject custom html/javascript (XSS). Mitigation: update your Dart SDK to 2.7.2, and 2.8.0-dev.17.0 for the dev version. 
If you cannot update, we recommend you review the way you use the affected APIs, and pay special attention to cases where user-provided data is used to populate DOM nodes. Consider using Element.innerText or Node.text to populate DOM elements." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-79 Cross-site Scripting (XSS)" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/dart-lang/sdk/security/advisories/GHSA-hfq3-v9pv-p627", "refsource": "CONFIRM", "url": "https://github.com/dart-lang/sdk/security/advisories/GHSA-hfq3-v9pv-p627" } ] }, "source": { "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "assignerShortName": "Google", "cveId": "CVE-2020-8923", "datePublished": "2020-03-26T11:31:55", "dateReserved": "2020-02-12T00:00:00", "dateUpdated": "2024-08-04T10:12:10.987Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2021-22568 (GCVE-0-2021-22568)
Vulnerability from cvelistv5
Published
2021-12-09 17:05
Modified
2024-08-03 18:44
CWE
- CWE-255 - Credentials Management
Summary
When using the dart pub publish command to publish a package to a third-party package server, the request would be authenticated with an OAuth2 access_token that is valid for publishing on pub.dev. An attacker who obtains these credentials (for example, the operator of the third-party server that receives them) can impersonate the user on pub.dev. We recommend upgrading past https://github.com/dart-lang/sdk/commit/d787e78d21e12ec1ef712d229940b1172aafcdf8 or beyond version 2.15.0.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dart-lang/sdk/commit/d787e78d21e12ec1ef712d229940b1172aafcdf8 | x_refsource_MISC | |
https://github.com/dart-lang/sdk/blob/main/CHANGELOG.md | x_refsource_MISC | |
https://github.com/dart-lang/sdk/security/advisories/GHSA-r32f-vhjp-qhj7 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Google LLC | Dart SDK |
Version: unspecified < 2.15.0 |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T18:44:14.137Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dart-lang/sdk/commit/d787e78d21e12ec1ef712d229940b1172aafcdf8" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dart-lang/sdk/blob/main/CHANGELOG.md" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dart-lang/sdk/security/advisories/GHSA-r32f-vhjp-qhj7" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Dart SDK", "vendor": "Google LLC", "versions": [ { "lessThan": "2.15.0", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "When using the dart pub publish command to publish a package to a third-party package server, the request would be authenticated with an oauth2 access_token that is valid for publishing on pub.dev. Using these obtained credentials, an attacker can impersonate the user on pub.dev. 
We recommend upgrading past https://github.com/dart-lang/sdk/commit/d787e78d21e12ec1ef712d229940b1172aafcdf8 or beyond version 2.15.0" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-255", "description": "CWE-255 Credentials Management", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2021-12-09T17:05:12", "orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dart-lang/sdk/commit/d787e78d21e12ec1ef712d229940b1172aafcdf8" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dart-lang/sdk/blob/main/CHANGELOG.md" }, { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dart-lang/sdk/security/advisories/GHSA-r32f-vhjp-qhj7" } ], "source": { "discovery": "UNKNOWN" }, "title": "Dart - Publishing to third-party package repositories may expose pub.dev credentials", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@google.com", "ID": "CVE-2021-22568", "STATE": "PUBLIC", "TITLE": "Dart - Publishing to third-party package repositories may expose pub.dev credentials" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Dart SDK", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "2.15.0" } ] } } ] }, "vendor_name": "Google LLC" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "When using the dart pub publish command to publish a 
package to a third-party package server, the request would be authenticated with an oauth2 access_token that is valid for publishing on pub.dev. Using these obtained credentials, an attacker can impersonate the user on pub.dev. We recommend upgrading past https://github.com/dart-lang/sdk/commit/d787e78d21e12ec1ef712d229940b1172aafcdf8 or beyond version 2.15.0" } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-255 Credentials Management" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/dart-lang/sdk/commit/d787e78d21e12ec1ef712d229940b1172aafcdf8", "refsource": "MISC", "url": "https://github.com/dart-lang/sdk/commit/d787e78d21e12ec1ef712d229940b1172aafcdf8" }, { "name": "https://github.com/dart-lang/sdk/blob/main/CHANGELOG.md", "refsource": "MISC", "url": "https://github.com/dart-lang/sdk/blob/main/CHANGELOG.md" }, { "name": "https://github.com/dart-lang/sdk/security/advisories/GHSA-r32f-vhjp-qhj7", "refsource": "MISC", "url": "https://github.com/dart-lang/sdk/security/advisories/GHSA-r32f-vhjp-qhj7" } ] }, "source": { "discovery": "UNKNOWN" } } } }, "cveMetadata": { "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "assignerShortName": "Google", "cveId": "CVE-2021-22568", "datePublished": "2021-12-09T17:05:12", "dateReserved": "2021-01-05T00:00:00", "dateUpdated": "2024-08-03T18:44:14.137Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Vulnerability from fkie_nvd
Published
2022-01-05 11:15
Modified
2024-11-21 05:50
Severity ?
4.6 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
3.5 (Low) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
3.5 (Low) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Summary
Bidirectional Unicode text can be interpreted and compiled differently from how it appears in editors, which can be exploited to get nefarious code past a code review by making it appear benign. An attacker could embed source that is invisible to a code reviewer and that modifies the behavior of a program in unexpected ways.
References
▼ | URL | Tags | |
---|---|---|---|
cve-coordination@google.com | https://github.com/dart-lang/sdk/blob/main/CHANGELOG.md | Release Notes, Third Party Advisory | |
cve-coordination@google.com | https://github.com/dart-lang/sdk/commit/52519ea8eb4780c468c4c2ed00e7c8046ccfed41 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/dart-lang/sdk/blob/main/CHANGELOG.md | Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/dart-lang/sdk/commit/52519ea8eb4780c468c4c2ed00e7c8046ccfed41 | Patch, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
dart | dart_software_development_kit | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "F12093A9-8594-4A7E-853E-2D4C28977D25", "versionEndExcluding": "2.15.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Bidirectional Unicode text can be interpreted and compiled differently than how it appears in editors which can be exploited to get nefarious code passed a code review by appearing benign. An attacker could embed a source that is invisible to a code reviewer that modifies the behavior of a program in unexpected ways." }, { "lang": "es", "value": "El texto Unicode bidireccional puede ser interpretado y compilado de forma diferente a como aparece en los editores, lo que puede ser explotado para conseguir que el c\u00f3digo nefasto pase una revisi\u00f3n de c\u00f3digo aparentando ser benigno. Un atacante podr\u00eda insertar una fuente invisible para un revisor de c\u00f3digo que modifique el comportamiento de un programa de forma no esperada." 
} ], "id": "CVE-2021-22567", "lastModified": "2024-11-21T05:50:20.357", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "LOW", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 3.5, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L", "version": "3.1" }, "exploitabilityScore": 2.1, "impactScore": 2.5, "source": "cve-coordination@google.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.5, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.1, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-01-05T11:15:08.120", "references": [ { "source": "cve-coordination@google.com", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/dart-lang/sdk/blob/main/CHANGELOG.md" }, { "source": "cve-coordination@google.com", "tags": [ "Patch", "Third Party Advisory" ], "url": 
"https://github.com/dart-lang/sdk/commit/52519ea8eb4780c468c4c2ed00e7c8046ccfed41" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/dart-lang/sdk/blob/main/CHANGELOG.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/dart-lang/sdk/commit/52519ea8eb4780c468c4c2ed00e7c8046ccfed41" } ], "sourceIdentifier": "cve-coordination@google.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-284" } ], "source": "cve-coordination@google.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-02-18 14:15
Modified
2024-11-21 06:38
Severity ?
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Summary
The Dart SDK contains the HttpClient in the dart:io library, which includes authorization headers when handling cross-origin redirects. These headers may be explicitly set and contain sensitive information. By default, HttpClient handles redirection logic. If a request is sent to example.com with an authorization header and it is redirected to an attacker's site, the developer might not expect the attacker's site to receive the authorization header. We recommend updating the Dart SDK to version 2.16.0 or beyond.
References
▼ | URL | Tags | |
---|---|---|---|
cve-coordination@google.com | https://dart-review.googlesource.com/c/sdk/+/229947 | Issue Tracking, Patch, Third Party Advisory | |
cve-coordination@google.com | https://github.com/dart-lang/sdk/commit/57db739be0ad4629079bfa94840064f615d35abc | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://dart-review.googlesource.com/c/sdk/+/229947 | Issue Tracking, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/dart-lang/sdk/commit/57db739be0ad4629079bfa94840064f615d35abc | Patch, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
dart | dart_software_development_kit | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "17D69A94-FDC3-417E-B7EB-FD2CD8CCD8A3", "versionEndExcluding": "2.16.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Dart SDK contains the HTTPClient in dart:io library whcih includes authorization headers when handling cross origin redirects. These headers may be explicitly set and contain sensitive information. By default, HttpClient handles redirection logic. If a request is sent to example.com with authorization header and it redirects to an attackers site, they might not expect attacker site to receive authorization header. We recommend updating the Dart SDK to version 2.16.0 or beyond." }, { "lang": "es", "value": "Dart SDK contiene la biblioteca HTTPClient en dart:io que incluye encabezados de autorizaci\u00f3n cuando maneja redireccionamientos de origen cruzado. Estos encabezados pueden ser establecidas expl\u00edcitamente y contienen informaci\u00f3n confidencial. Por fallo, HttpClient maneja la l\u00f3gica de redirecci\u00f3n. Si es enviado una petici\u00f3n a example.com con un encabezado de autorizaci\u00f3n y es redirigido a un sitio de atacantes, \u00e9stos podr\u00edan no esperar que el sitio del atacante reciba el encabezado de autorizaci\u00f3n. 
Recomendamos actualizar Dart SDK a versi\u00f3n 2.16.0 o superior" } ], "id": "CVE-2022-0451", "lastModified": "2024-11-21T06:38:39.097", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "cve-coordination@google.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-02-18T14:15:07.817", "references": [ { "source": "cve-coordination@google.com", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://dart-review.googlesource.com/c/sdk/+/229947" }, { "source": "cve-coordination@google.com", "tags": [ "Patch", "Third Party Advisory" ], "url": 
"https://github.com/dart-lang/sdk/commit/57db739be0ad4629079bfa94840064f615d35abc" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking", "Patch", "Third Party Advisory" ], "url": "https://dart-review.googlesource.com/c/sdk/+/229947" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/dart-lang/sdk/commit/57db739be0ad4629079bfa94840064f615d35abc" } ], "sourceIdentifier": "cve-coordination@google.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-305" } ], "source": "cve-coordination@google.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-863" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2020-03-26 12:15
Modified
2024-11-21 05:39
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Improper HTML sanitization in Dart versions up to and including 2.7.1 and dev versions 2.8.0-dev.16.0 allows an attacker leveraging DOM Clobbering techniques to skip the sanitization and inject custom HTML/JavaScript (XSS). Mitigation: update your Dart SDK to 2.7.2, or to 2.8.0-dev.17.0 for the dev version. If you cannot update, we recommend you review the way you use the affected APIs, and pay special attention to cases where user-provided data is used to populate DOM nodes. Consider using Element.innerText or Node.text to populate DOM elements.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
dart | dart_software_development_kit | * | |
dart | dart_software_development_kit | 2.8.0 | |
dart | dart_software_development_kit | 2.8.0 | |
dart | dart_software_development_kit | 2.8.0 | |
dart | dart_software_development_kit | 2.8.0 | |
dart | dart_software_development_kit | 2.8.0 | |
dart | dart_software_development_kit | 2.8.0 | |
dart | dart_software_development_kit | 2.8.0 | |
dart | dart_software_development_kit | 2.8.0 | |
dart | dart_software_development_kit | 2.8.0 | |
dart | dart_software_development_kit | 2.8.0 | |
dart | dart_software_development_kit | 2.8.0 | |
dart | dart_software_development_kit | 2.8.0 | |
dart | dart_software_development_kit | 2.8.0 | |
dart | dart_software_development_kit | 2.8.0 | |
dart | dart_software_development_kit | 2.8.0 | |
dart | dart_software_development_kit | 2.8.0 | |
dart | dart_software_development_kit | 2.8.0 |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "245EA6E1-858A-4EE0-8783-D6FC91C304F8", "versionEndExcluding": "2.7.2", "vulnerable": true }, { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:2.8.0:dev0.0:*:*:*:*:*:*", "matchCriteriaId": "6C378984-C1E4-4541-AF8F-F00950C27297", "vulnerable": true }, { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:2.8.0:dev1.0:*:*:*:*:*:*", "matchCriteriaId": "B7D246F3-B3A0-497A-8C5F-5ADC9735D3D9", "vulnerable": true }, { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:2.8.0:dev10.0:*:*:*:*:*:*", "matchCriteriaId": "932257F3-0AC1-4181-A6E2-F05AA5458F0B", "vulnerable": true }, { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:2.8.0:dev11.0:*:*:*:*:*:*", "matchCriteriaId": "3604B788-12F5-4464-9264-D480A1CFEB4F", "vulnerable": true }, { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:2.8.0:dev12.0:*:*:*:*:*:*", "matchCriteriaId": "5DCBC478-7046-44DF-ADF0-03D45E1A5C69", "vulnerable": true }, { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:2.8.0:dev13.0:*:*:*:*:*:*", "matchCriteriaId": "85F43007-8E34-4B52-9D9D-4EBDF0C99BD5", "vulnerable": true }, { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:2.8.0:dev14.0:*:*:*:*:*:*", "matchCriteriaId": "E37CB132-888D-4D20-871D-50BC29FF497C", "vulnerable": true }, { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:2.8.0:dev15.0:*:*:*:*:*:*", "matchCriteriaId": "CDAAE2E2-2BD9-41B8-903B-FA113B3074F0", "vulnerable": true }, { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:2.8.0:dev16.0:*:*:*:*:*:*", "matchCriteriaId": "0163439B-633A-475D-B7C3-56EBEDFA1A60", "vulnerable": true }, { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:2.8.0:dev2.0:*:*:*:*:*:*", "matchCriteriaId": "33E498C7-7A01-4F27-ADED-679ADC702DA5", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:dart:dart_software_development_kit:2.8.0:dev3.0:*:*:*:*:*:*", "matchCriteriaId": "0E2FE06D-3A1F-4051-865F-29DDD4CC4ADB", "vulnerable": true }, { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:2.8.0:dev4.0:*:*:*:*:*:*", "matchCriteriaId": "BB27262C-0156-47AE-B9EF-CFA1748AF9BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:2.8.0:dev5.0:*:*:*:*:*:*", "matchCriteriaId": "24BCF25D-D5F5-49A1-9209-3C2F88A10516", "vulnerable": true }, { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:2.8.0:dev6.0:*:*:*:*:*:*", "matchCriteriaId": "2417EDC0-751B-4DE9-A61B-885175855D58", "vulnerable": true }, { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:2.8.0:dev7.0:*:*:*:*:*:*", "matchCriteriaId": "DE211D61-1029-4987-8B1C-C1791FEF53D4", "vulnerable": true }, { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:2.8.0:dev8.0:*:*:*:*:*:*", "matchCriteriaId": "B7066A39-DD04-47EB-9F67-DC4A7285B864", "vulnerable": true }, { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:2.8.0:dev9.0:*:*:*:*:*:*", "matchCriteriaId": "71C09C17-1558-401E-AA73-F4B1C2BAD816", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An improper HTML sanitization in Dart versions up to and including 2.7.1 and dev versions 2.8.0-dev.16.0, allows an attacker leveraging DOM Clobbering techniques to skip the sanitization and inject custom html/javascript (XSS). Mitigation: update your Dart SDK to 2.7.2, and 2.8.0-dev.17.0 for the dev version. If you cannot update, we recommend you review the way you use the affected APIs, and pay special attention to cases where user-provided data is used to populate DOM nodes. Consider using Element.innerText or Node.text to populate DOM elements." 
}, { "lang": "es", "value": "Un saneamiento HTML inapropiado en Dart versiones hasta 2.7.1 y las versiones dev 2.8.0-dev.16.0, permite a un atacante aprovechar las t\u00e9cnicas DOM Clobbering para omitir el saneamiento e inyectar html/javascript personalizado (XSS). Mitigaci\u00f3n: actualizar su Dart SDK a versi\u00f3n 2.7.2 y a versi\u00f3n 2.8.0-dev.17.0 para la versi\u00f3n de desarrollo. Si no puede actualizar, le recomendamos que revise la manera en que usa las API afectadas y preste especial atenci\u00f3n a los casos en los que los datos provistos por el usuario son utilizados para completar los nodos DOM. Considere usar Element.innerText o Node.text para llenar los elementos DOM." } ], "id": "CVE-2020-8923", "lastModified": "2024-11-21T05:39:41.267", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "cve-coordination@google.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", 
"confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-03-26T12:15:12.217", "references": [ { "source": "cve-coordination@google.com", "tags": [ "Third Party Advisory" ], "url": "https://github.com/dart-lang/sdk/security/advisories/GHSA-hfq3-v9pv-p627" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory" ], "url": "https://github.com/dart-lang/sdk/security/advisories/GHSA-hfq3-v9pv-p627" } ], "sourceIdentifier": "cve-coordination@google.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "cve-coordination@google.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2022-10-27 16:15
Modified
2024-11-21 07:18
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
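The implementation of backslash parsing in the Dart URI class for versions prior to 2.18 and Flutter versions prior to 3.30 differs from the WHATWG URL standard. Dart uses the RFC 3986 syntax, which is incompatible with how the WHATWG standard treats '\' characters in URIs, and this difference can lead to auth bypass in webapps interpreting URIs. We recommend updating Dart or Flutter to mitigate the issue. (Note: the CPE configuration in this record bounds the affected range at 2.18.0 for the Dart SDK and 3.3.3 for Flutter, and the referenced changelog entry is for 2.18.2, so confirm the fixed version against the release notes before relying on the figures in this summary.)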
References
▼ | URL | Tags | |
---|---|---|---|
cve-coordination@google.com | https://github.com/dart-lang/sdk/blob/master/CHANGELOG.md#2182---2022-09-28 | Release Notes, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/dart-lang/sdk/blob/master/CHANGELOG.md#2182---2022-09-28 | Release Notes, Third Party Advisory |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
dart | dart_software_development_kit | * | |
flutter | flutter | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD10CDBF-D762-4BAD-B431-81C75BAB341B", "versionEndExcluding": "2.18.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:flutter:flutter:*:*:*:*:*:*:*:*", "matchCriteriaId": "A3BF7AFB-5807-444E-A70A-455E7D3C3ECF", "versionEndExcluding": "3.3.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The implementation of backslash parsing in the Dart URI class for versions prior to 2.18 and Flutter versions prior to 3.30 differs from the WhatWG URL standards. Dart uses the RFC 3986 syntax, which creates incompatibilities with the \u0027\\\u0027 characters in URIs, which can lead to auth bypass in webapps interpreting URIs. We recommend updating Dart or Flutter to mitigate the issue." }, { "lang": "es", "value": "La implementaci\u00f3n del an\u00e1lisis de barra invertida en la clase Dart URI para versiones anteriores a 2.18 y versiones de Flutter anteriores a 3.30 difiere de los est\u00e1ndares de URL de WhatWG. Dart utiliza la sintaxis RFC 3986, que crea incompatibilidades con los caracteres \u0027\\\u0027 en los URI, lo que puede provocar una omisi\u00f3n de autenticaci\u00f3n en las aplicaciones web que interpretan los URI. Recomendamos actualizar Dart o Flutter para mitigar el problema." 
} ], "id": "CVE-2022-3095", "lastModified": "2024-11-21T07:18:49.013", "metrics": { "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "cve-coordination@google.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2022-10-27T16:15:09.600", "references": [ { "source": "cve-coordination@google.com", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/dart-lang/sdk/blob/master/CHANGELOG.md#2182---2022-09-28" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Release Notes", "Third Party Advisory" ], "url": "https://github.com/dart-lang/sdk/blob/master/CHANGELOG.md#2182---2022-09-28" } ], "sourceIdentifier": "cve-coordination@google.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "cve-coordination@google.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-04-22 15:15
Modified
2024-11-21 05:50
Severity ?
Summary
Bad validation logic in Dart SDK versions prior to 2.12.3 allows an attacker to carry out an XSS attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not sanitize properly when it came across template tags.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
dart | dart_software_development_kit | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "E9ECB219-E894-4499-9918-2199CA9532EA", "versionEndExcluding": "2.12.3", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use an XSS attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not sanitize properly when it came across template tags." }, { "lang": "es", "value": "Una mala l\u00f3gica de comprobaci\u00f3n en el Dart SDK versiones anteriores a 2.12.3 permite a un atacante usar un ataque de tipo XSS por medio de DOM clobbering.\u0026#xa0;La l\u00f3gica de comprobaci\u00f3n en dart: html para crear nodos DOM a partir de texto no se saneaban apropiadamente cuando se encontraba con etiquetas de plantilla" } ], "id": "CVE-2021-22540", "lastModified": "2024-11-21T05:50:18.160", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" 
}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-04-22T15:15:07.930", "references": [ { "source": "cve-coordination@google.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588" }, { "source": "cve-coordination@google.com", "tags": [ "Broken Link" ], "url": "https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Broken Link" ], "url": "https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522" } ], "sourceIdentifier": "cve-coordination@google.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "cve-coordination@google.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-79" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2021-12-09 17:15
Modified
2024-11-21 05:50
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L
Summary
When using the dart pub publish command to publish a package to a third-party package server, the request would be authenticated with an OAuth2 access_token that is valid for publishing on pub.dev. Using credentials obtained this way, an attacker can impersonate the user on pub.dev. We recommend upgrading past https://github.com/dart-lang/sdk/commit/d787e78d21e12ec1ef712d229940b1172aafcdf8 or beyond version 2.15.0.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
dart | dart_software_development_kit | * |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:dart:dart_software_development_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "F12093A9-8594-4A7E-853E-2D4C28977D25", "versionEndExcluding": "2.15.0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "When using the dart pub publish command to publish a package to a third-party package server, the request would be authenticated with an oauth2 access_token that is valid for publishing on pub.dev. Using these obtained credentials, an attacker can impersonate the user on pub.dev. We recommend upgrading past https://github.com/dart-lang/sdk/commit/d787e78d21e12ec1ef712d229940b1172aafcdf8 or beyond version 2.15.0" }, { "lang": "es", "value": "Cuando es usado el comando dart pub publish para publicar un paquete en un servidor de paquetes de terceros, la petici\u00f3n se autentifica con un access_token oauth2 v\u00e1lido para publicar en pub.dev. Usando estas credenciales obtenidas, un atacante puede suplantar al usuario en pub.dev. 
Se recomienda actualizar a partir de https://github.com/dart-lang/sdk/commit/d787e78d21e12ec1ef712d229940b1172aafcdf8 o de la versi\u00f3n 2.15" } ], "id": "CVE-2021-22568", "lastModified": "2024-11-21T05:50:20.490", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.3, "source": "cve-coordination@google.com", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:L", "version": "3.1" }, "exploitabilityScore": 2.8, "impactScore": 5.3, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2021-12-09T17:15:07.567", "references": [ { "source": "cve-coordination@google.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/dart-lang/sdk/blob/main/CHANGELOG.md" }, { "source": 
"cve-coordination@google.com", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/dart-lang/sdk/commit/d787e78d21e12ec1ef712d229940b1172aafcdf8" }, { "source": "cve-coordination@google.com", "tags": [ "Issue Tracking" ], "url": "https://github.com/dart-lang/sdk/security/advisories/GHSA-r32f-vhjp-qhj7" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/dart-lang/sdk/blob/main/CHANGELOG.md" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/dart-lang/sdk/commit/d787e78d21e12ec1ef712d229940b1172aafcdf8" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Issue Tracking" ], "url": "https://github.com/dart-lang/sdk/security/advisories/GHSA-r32f-vhjp-qhj7" } ], "sourceIdentifier": "cve-coordination@google.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-255" } ], "source": "cve-coordination@google.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-668" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }