dart
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | The dart programming language SDK |
| Version | 3.9.4-1 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2618 | 2.14.4-1 | 2.16.1-1 | Medium | Fixed | |
| AVG-1859 | 2.12.2-1 | 2.12.3-1 | Medium | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2021-22568 | AVG-2618 | Medium | Yes | Authentication bypass | A security issue has been found in Dart before version 2.15.0. When using the dart pub publish command to publish a package to a third- party package... |
| CVE-2021-22567 | AVG-2618 | Medium | Yes | Content spoofing | A security issue has been found in the Dart Core SDK before version 2.15.0. Bidirectional Unicode text can be interpreted and compiled differently than how... |
| CVE-2021-22540 | AVG-1859 | Medium | Yes | Cross-site scripting | Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use a cross-site scripting (XSS) attack via DOM clobbering. The... |