Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2022-3095
HistoryOct 27, 2022 - 4:15 p.m.

Design/Logic Flaw

2022-10-2716:15:00
PRIOn knowledge base
www.prio-n.com
6
dart
uri
backslash parsing
authentication bypass
incompatibility
web apps

9.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.1%

JSON

The implementation of backslash parsing in the Dart URI class for versions prior to 2.18 and Flutter versions prior to 3.30 differs from the WhatWG URL standards. Dart uses the RFC 3986 syntax, which creates incompatibilities with the '' characters in URIs, which can lead to auth bypass in webapps interpreting URIs. We recommend updating Dart or Flutter to mitigate the issue.

Related

cve 1
osv 1
cvelist 1
nvd 1
cve
cve
CVE-2022-3095
2022-10-27 16:15:09
osv
osv
CVE-2022-3095
2022-10-27 16:15:09
cvelist
cvelist
CVE-2022-3095 Incorrect parsing of the backslash characters in Dart library
2022-10-27 00:00:00
nvd
nvd
CVE-2022-3095
2022-10-27 16:15:09

9.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.1%

JSON
Related for PRION:CVE-2022-3095
cve1osv1cvelist1nvd1