Lucene search
GoogleOSV:GHSA-JWPW-Q68H-R678HistoryMay 24, 2022 - 5:47 p.m.
Improper Neutralization of CRLF Sequences in dio
2022-05-2417:47:44
Google
osv.dev
13
crlf injection
http method
vulnerability
dart
software
EPSS
0.001
Percentile
32.7%
The dio package prior to 5.0.0 for Dart allows CRLF injection if the attacker controls the HTTP method string, a different vulnerability than CVE-2020-35669.
Related
github
github
http before 0.13.3 vulnerable to header injection
2022-05-24 17:37:16
Duplicate Advisory: Improper Neutralization of CRLF Sequences in dio
2022-05-24 17:47:44
dio vulnerable to CRLF injection with HTTP method string
2023-03-21 22:41:11
osv
osv
CVE-2020-35669
2020-12-24 03:15:12
http before 0.13.3 vulnerable to header injection
2022-05-24 17:37:16
CVE-2021-31402
2021-04-15 19:15:12
cvelist
cvelist
CVE-2020-35669
2020-12-24 02:05:30
CVE-2021-31402
2021-04-15 18:18:52
nvd
nvd
CVE-2020-35669
2020-12-24 03:15:12
CVE-2021-31402
2021-04-15 19:15:12
prion
prion
Crlf injection
2020-12-24 03:15:00
Crlf injection
2021-04-15 19:15:00
cve
cve
CVE-2020-35669
2020-12-24 03:15:12
CVE-2021-31402
2021-04-15 19:15:12