CVE-2021-22540 - Vulnerability Details

Vendors	Products
Dart	Dart Software Development Kit

Link	Providers
https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588
https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "Dart SDK", "vendor": "Google LLC", "versions": [{"lessThan": "2.12.3", "status": "affected", "version": "stable", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Vincenzo di Cicco"}], "descriptions": [{"lang": "en", "value": "Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use an XSS attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not sanitize properly when it came across template tags."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-04-22T14:15:17", "orgId": "14ed7db2-1595-443d-9d34-6215bf890778", "shortName": "Google"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588"}], "source": {"discovery": "EXTERNAL"}, "title": "XSS in Dart SDK", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@google.com", "ID": "CVE-2021-22540", "STATE": "PUBLIC", "TITLE": "XSS in Dart SDK"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Dart SDK", "version": {"version_data": [{"version_affected": "<", "version_name": "stable", "version_value": "2.12.3"}]}}]}, "vendor_name": "Google LLC"}]}}, "credit": [{"lang": "eng", "value": "Vincenzo di Cicco"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use an XSS attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not sanitize properly when it came across template tags."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-79: Improper Neutralization of Input During Web Page Generation"}]}]}, "references": {"reference_data": [{"name": "https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522", "refsource": "CONFIRM", "url": "https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522"}, {"name": "https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588", "refsource": "CONFIRM", "url": "https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588"}]}, "source": {"discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T18:44:14.025Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588"}]}]}, "cveMetadata": {"assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", "assignerShortName": "Google", "cveId": "CVE-2021-22540", "datePublished": "2021-04-22T14:15:17", "dateReserved": "2021-01-05T00:00:00", "dateUpdated": "2024-08-03T18:44:14.025Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : Dart SDK (string)

vendor : Google LLC (string)

versions : [ »

0 : { »

lessThan : 2.12.3 (string)

status : affected (string)

version : stable (string)

versionType : custom (string)

}

]

}

]

credits : [ »

0 : { »

lang : en (string)

value : Vincenzo di Cicco (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use an XSS attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not sanitize properly when it came across template tags. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

cweId : CWE-79 (string)

description : CWE-79: Improper Neutralization of Input During Web Page Generation (string)

lang : en (string)

type : CWE (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2021-04-22T14:15:17 (string)

orgId : 14ed7db2-1595-443d-9d34-6215bf890778 (string)

shortName : Google (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588 (string)

}

]

source : { »

discovery : EXTERNAL (string)

}

title : XSS in Dart SDK (string)

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : security@google.com (string)

ID : CVE-2021-22540 (string)

STATE : PUBLIC (string)

TITLE : XSS in Dart SDK (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : Dart SDK (string)

version : { »

version_data : [ »

0 : { »

version_affected : < (string)

version_name : stable (string)

version_value : 2.12.3 (string)

}

]

}

]

}

vendor_name : Google LLC (string)

}

]

}

credit : [ »

0 : { »

lang : eng (string)

value : Vincenzo di Cicco (string)

}

]

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use an XSS attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not sanitize properly when it came across template tags. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : CWE-79: Improper Neutralization of Input During Web Page Generation (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522 (string)

refsource : CONFIRM (string)

url : https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522 (string)

}

1 : { »

name : https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588 (string)

refsource : CONFIRM (string)

url : https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588 (string)

}

]

}

source : { »

discovery : EXTERNAL (string)

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T18:44:14.025Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 14ed7db2-1595-443d-9d34-6215bf890778 (string)

assignerShortName : Google (string)

cveId : CVE-2021-22540 (string)

datePublished : 2021-04-22T14:15:17 (string)

dateReserved : 2021-01-05T00:00:00 (string)

dateUpdated : 2024-08-03T18:44:14.025Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dart:dart_software_development_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "E9ECB219-E894-4499-9918-2199CA9532EA", "versionEndExcluding": "2.12.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use an XSS attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not sanitize properly when it came across template tags."}, {"lang": "es", "value": "Una mala l\u00f3gica de comprobaci\u00f3n en el Dart SDK versiones anteriores a 2.12.3 permite a un atacante usar un ataque de tipo XSS por medio de DOM clobbering.&#xa0;La l\u00f3gica de comprobaci\u00f3n en dart: html para crear nodos DOM a partir de texto no se saneaban apropiadamente cuando se encontraba con etiquetas de plantilla"}], "id": "CVE-2021-22540", "lastModified": "2024-11-21T05:50:18.160", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-04-22T15:15:07.930", "references": [{"source": "cve-coordination@google.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588"}, {"source": "cve-coordination@google.com", "tags": ["Broken Link"], "url": "https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522"}], "sourceIdentifier": "cve-coordination@google.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "cve-coordination@google.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:dart:dart_software_development_kit:*:*:*:*:*:*:*:* (string)

matchCriteriaId : E9ECB219-E894-4499-9918-2199CA9532EA (string)

versionEndExcluding : 2.12.3 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use an XSS attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not sanitize properly when it came across template tags. (string)

}

1 : { »

lang : es (string)

value : Una mala lógica de comprobación en el Dart SDK versiones anteriores a 2.12.3 permite a un atacante usar un ataque de tipo XSS por medio de DOM clobbering. La lógica de comprobación en dart: html para crear nodos DOM a partir de texto no se saneaban apropiadamente cuando se encontraba con etiquetas de plantilla (string)

}

]

id : CVE-2021-22540 (string)

lastModified : 2024-11-21T05:50:18.160 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 4.3 (number)

confidentialityImpact : NONE (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:M/Au:N/C:N/I:P/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : true (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 6.1 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : LOW (string)

integrityImpact : LOW (string)

privilegesRequired : NONE (string)

scope : CHANGED (string)

userInteraction : REQUIRED (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 2.8 (number)

impactScore : 2.7 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2021-04-22T15:15:07.930 (string)

references : [ »

0 : { »

source : cve-coordination@google.com (string)

tags : [ »

0 : Patch (string)

1 : Third Party Advisory (string)

]

url : https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588 (string)

}

1 : { »

source : cve-coordination@google.com (string)

tags : [ »

0 : Broken Link (string)

]

url : https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522 (string)

}

2 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

1 : Third Party Advisory (string)

]

url : https://github.com/dart-lang/sdk/commit/ce5a1c2392debce967415d4c09359ff2555e3588 (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Broken Link (string)

]

url : https://github.com/dart-lang/sdk/security/advisories/GHSA-3rfv-4jvg-9522 (string)

}

]

sourceIdentifier : cve-coordination@google.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-79 (string)

}

]

source : cve-coordination@google.com (string)

type : Secondary (string)

}

1 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-79 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object