You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
Duplicate Advisory: Improper Neutralization of CRLF Sequences in dio
High severity
GitHub Reviewed
Published
May 24, 2022
to the GitHub Advisory Database
•
Updated Oct 5, 2023
Withdrawn
This advisory was withdrawn on Oct 5, 2023
This advisory has been withdrawn because it is a duplicate of GHSA-9324-jv53-9cc8. This link is maintained to preserve external references.
Original Description
The dio package prior to 5.0.0 for Dart allows CRLF injection if the attacker controls the HTTP method string, a different vulnerability than CVE-2020-35669.
Duplicate advisory
This advisory has been withdrawn because it is a duplicate of GHSA-9324-jv53-9cc8. This link is maintained to preserve external references.
Original Description
The dio package prior to 5.0.0 for Dart allows CRLF injection if the attacker controls the HTTP method string, a different vulnerability than CVE-2020-35669.
References