4 matches found
EUVD-2023-0955
Malicious code in bioql PyPI...
Duplicate Advisory: Improper Neutralization of CRLF Sequences in dio
Duplicate advisory This advisory has been withdrawn because it is a duplicate of GHSA-9324-jv53-9cc8. This link is maintained to preserve external references. Original Description The dio package prior to 5.0.0 for Dart allows CRLF injection if the attacker controls the HTTP method string, a...
CVE-2020-35669
An issue was discovered in the http package through 0.12.2 for Dart. If the attacker controls the HTTP method and the app is using Request directly, it's possible to achieve CRLF injection in an HTTP request...
CVE-2020-35669
The CVE-2020-35669 entry applies to the Dart http package up to version 0.12.2. It describes a CRLF injection vulnerability in HTTP requests when the attacker controls the HTTP method and the application uses the Request type directly. The issue enables crafting of HTTP requests that may inject C...