5 matches found
CVE-2022-3095
The implementation of backslash parsing in the Dart URI class for versions prior to 2.18 and Flutter versions prior to 3.30 differs from the WhatWG URL standards. Dart uses the RFC 3986 syntax, which creates incompatibilities with the '' characters in URIs, which can lead to auth bypass in webapp...
CVE-2022-3095 Incorrect parsing of the backslash characters in Dart library
The implementation of backslash parsing in the Dart URI class for versions prior to 2.18 and Flutter versions prior to 3.30 differs from the WhatWG URL standards. Dart uses the RFC 3986 syntax, which creates incompatibilities with the '' characters in URIs, which can lead to auth bypass in webapp...
CVE-2022-3095
CVE-2022-3095 affects Dart/Flutter: the Dart URI class uses RFC 3986 syntax for backslash parsing, diverging from WhatWG URL standards and causing incompatibilities with \ in URIs. This can enable authentication bypass in web apps that parse URIs. Affected: Dart versions prior to 2.18 and Flutter...
CVE-2022-3095 Incorrect parsing of the backslash characters in Dart library
The implementation of backslash parsing in the Dart URI class for versions prior to 2.18 and Flutter versions prior to 3.30 differs from the WhatWG URL standards. Dart uses the RFC 3986 syntax, which creates incompatibilities with the '' characters in URIs, which can lead to auth bypass in webapp...
CVE-2022-3095 Incorrect parsing of the backslash characters in Dart library
The implementation of backslash parsing in the Dart URI class for versions prior to 2.18 and Flutter versions prior to 3.30 differs from the WhatWG URL standards. Dart uses the RFC 3986 syntax, which creates incompatibilities with the '' characters in URIs, which can lead to auth bypass in webapp...