CVE-2021-22568 log

Severity Medium
Remote Yes
Type Authentication bypass
A security issue has been found in Dart before version 2.15.0. When using the dart pub publish command to publish a package to a third-party package server, the request would be authenticated with an oauth2 access_token that is valid for publishing on Using these obtained credentials, an attacker can impersonate the user on
Group Package Affected Fixed Severity Status Ticket
AVG-2618 dart 2.14.4-1 2.16.1-1 Medium Fixed