Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2024/10/15 5:33 p.m.18 views

Agent Dart is missing certificate verification checks

Certificate verification in lib/agent/certificate.dart has been found to contain two issues: - During the delegation verification in checkDelegation function the canisterranges aren't verified. The impact of not checking the canisterranges is that a subnet can sign canister responses in behalf of...

8.7CVSS7AI score0.00353EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2024/10/15 5:12 p.m.15 views

CVE-2024-48915 Agent Dart missing certificate verification checks

Agent Dart is an agent library built for Internet Computer for Dart and Flutter apps. Prior to version 1.0.0-dev.29, certificate verification in lib/agent/certificate.dart does not occur properly. During the delegation verification in the checkDelegation function, the canisterranges aren't...

8.7CVSS6.8AI score0.00353EPSS
Exploits0References6
CVE
CVE
added 2024/10/15 5:12 p.m.41 views

CVE-2024-48915

Agent Dart (for Dart/Flutter) prior to version 1.0.0-dev.29 has certificate verification issues in lib/agent/certificate.dart. In _checkDelegation, canister_ranges are not verified, potentially allowing a subnet to sign canister responses on behalf of another subnet. The certificate’s /time path ...

8.7CVSS6.6AI score0.00353EPSS
Exploits0References4
GitLab Advisory Database
GitLab Advisory Database
added 2024/10/15 12:0 a.m.8 views

Agent Dart is missing certificate verification checks

Certificate verification in lib/agent/certificate.dart has been found to contain two issues: - During the delegation verification in checkDelegation function the canisterranges aren't verified. The impact of not checking the canisterranges is that a subnet can sign canister responses in behalf of...

8.7CVSS5.9AI score0.00353EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder