High severityNVD Advisory· Published Apr 15, 2021· Updated Aug 3, 2024
CVE-2021-31402
CVE-2021-31402
Description
The dio package 4.0.0 for Dart allows CRLF injection if the attacker controls the HTTP method string, a different vulnerability than CVE-2020-35669.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
dioPub | < 5.0.0 | 5.0.0 |
Affected products
2- Dart/diodescription
Patches
Vulnerability mechanics
References
8- github.com/advisories/GHSA-9324-jv53-9cc8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-31402ghsaADVISORY
- github.com/cfug/dio/commit/927f79e93ba39f3c3a12c190624a55653d577984ghsaWEB
- github.com/cfug/dio/issues/1752ghsaWEB
- github.com/cfug/dio/security/advisories/GHSA-9324-jv53-9cc8ghsaWEB
- github.com/flutterchina/dio/issues/1130ghsax_refsource_MISCWEB
- osv.dev/GHSA-jwpw-q68h-r678ghsaWEB
- security.snyk.io/vuln/SNYK-PUB-DIO-5891148ghsaWEB
News mentions
0No linked articles in our index yet.