Approved changes feed: RSS · Atom
cpe:2.3:a:google_llc:dart:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Google Llc (c72c74b5-1c39-5d47-98b8-8dacb6f7d99a) |
|---|---|
| Product | Dart (684a1e03-2230-58d7-b7c9-af935b7081ef) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-3095 |
vulnerable | 2026-06-03 14:47:52.219180 |
Incorrect parsing of the backslash characters in Dart library
CRITICAL (9.8)
The implementation of backslash parsing in the Dart URI class for versions prior to 2.18 and Flutter versions prior to 3.30 differs from the WhatWG URL standards. Dart uses the RFC 3986 syntax, which creates incompatibilities with the '\' characters in URIs, which can lead to auth bypass in webapps interpreting URIs. We recommend updating Dart or Flutter to mitigate the issue.
Published: 2022-10-27T00:00:00.000Z
Updated: 2025-04-21T13:47:41.466Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.