EUVD-2023-0955

Malicious code in bioql PyPI...

CVE-2021-31402

The dio package 4.0.0 for Dart allows CRLF injection if the attacker controls the HTTP method string, a different vulnerability than CVE-2020-35669...

dio vulnerable to CRLF injection with HTTP method string

The dio package 4.0.0 for Dart allows CRLF injection if the attacker controls the HTTP method string, a different vulnerability than CVE-2020-35669...

Duplicate Advisory: Improper Neutralization of CRLF Sequences in dio

Duplicate advisory This advisory has been withdrawn because it is a duplicate of GHSA-9324-jv53-9cc8. This link is maintained to preserve external references. Original Description The dio package prior to 5.0.0 for Dart allows CRLF injection if the attacker controls the HTTP method string, a...

Crlf injection

The dio package 4.0.0 for Dart allows CRLF injection if the attacker controls the HTTP method string, a different vulnerability than CVE-2020-35669...

CVE-2021-31402

CVE-2021-31402 affects the dio package for Dart, specifically version 4.0.0, where CRLF injection is possible when an attacker controls the HTTP method string. The issue is a distinct vulnerability from CVE-2020-35669 and is documented as a CRLF sequence handling flaw in the Dio HTTP client. Patc...

wendu dio 注入漏洞

wendu dio is a wendu open source application system . Dart's powerful Http client , it supports interceptor , global configuration , FormData, request cancelation , file downloads, timeout and so on . dio package version 4.0.0 injection vulnerability , an attacker can use the vulnerability to...