Dart fixes
003 – Symmetric denial of service004 – Remote command execution006 – Authentication mechanism absence or evasion007 – Cross-site request forgery009 – Sensitive information in source code011 – Use of software with known vulnerabilities013 – Insecure object reference014 – Insecure functionality017 – Sensitive information sent insecurely020 – Non-encrypted confidential information021 – XPath injection022 – Use of an insecure channel028 – Insecure temporary files033 – Password change without identity check034 – Insecure generation of random numbers036 – ViewState not encrypted039 – Improper authorization control for web services042 – Insecurely generated cookies043 – Insecure or unset HTTP headers - Content-Security-Policy052 – Insecure encryption algorithm053 – Lack of protection against brute force attacks059 – Sensitive information stored in logs060 – Insecure service configuration - Host verification066 – Technical information leak - Console functions067 – Improper resource allocation068 – Insecure session expiration time071 – Insecure or unset HTTP headers - Referrer-Policy076 – Insecure session management078 – Insecurely generated token079 – Non-upgradable dependencies088 – Privacy violation089 – Lack of data validation - Trust boundary violation091 – Log injection092 – Insecure encryption algorithm - Anonymous cipher suites094 – Insecure encryption algorithm - Cipher Block Chaining095 – Data uniqueness not properly verified096 – Insecure deserialization098 – External control of file name or path102 – Email uniqueness not properly verified106 – NoSQL injection108 – Improper control of interaction frequency113 – Improper type assignation115 – Security controls bypass or absence118 – Regulation infringement119 – Metadata with sensitive information120 – Improper dependency pinning124 – Race condition127 – Lack of data validation - Type confusion128 – Insecurely generated cookies - HttpOnly129 – Insecurely generated cookies - SameSite130 – Insecurely generated cookies - Secure132 – Insecure or unset HTTP headers - X-Content-Type-Options133 – Insecure encryption algorithm - Perfect Forward Secrecy134 – Insecure or unset HTTP headers - CORS137 – Insecure or unset HTTP headers - X-Permitted-Cross-Domain-Policies138 – Inappropriate coding practices140 – Insecure exceptions - Empty or no catch141 – Lack of data validation - URL142 – Sensitive information in source code - API Key143 – Inappropriate coding practices - Eval function145 – Inappropriate coding practices - Cyclomatic complexity147 – Insecure encryption algorithm - SSLContext150 – Use of an insecure channel - useSslProtocol()153 – Insecure or unset HTTP headers - Accept156 – Uncontrolled external site redirect160 – Excessive privileges - Temporary Files164 – Insecure service configuration169 – Insecure service configuration - Keys183 – Debugging enabled in production184 – Lack of data validation185 – Lack of data validation - Header x-amzn-RequestId187 – Lack of data validation - Source Code190 – Lack of data validation - Session Cookie191 – Lack of data validation - Responses192 – Lack of data validation - Reflected Parameters194 – Lack of data validation - Input Length195 – Lack of data validation - Headers196 – Lack of data validation - Dates197 – Lack of data validation - Numbers199 – Lack of data validation - Emails201 – Unauthorized access to files204 – Insufficient data authenticity validation211 – Asymmetric denial of service - ReDoS213 – Business information leak - JWT216 – Business information leak - Source Code217 – Business information leak - Credit Cards220 – Business information leak - Token222 – Business information leak - DB226 – Business information leak - Personal Information230 – Business information leak - Firestore233 – Incomplete functional code234 – Technical information leak - Stacktrace236 – Technical information leak - SourceMap237 – Technical information leak - Print Functions240 – Authentication mechanism absence or evasion - OTP243 – Authentication mechanism absence or evasion - Admin Console246 – Non-encrypted confidential information - DB248 – Non-encrypted confidential information - LDAP249 – Non-encrypted confidential information - Credentials254 – Automatic information enumeration - Credit Cards269 – Insecure encryption algorithm - Blowfish270 – Insecure functionality - File Creation271 – Insecure functionality - Password management272 – Insecure functionality - Masking273 – Insecure functionality - Fingerprint275 – Non-encrypted confidential information - Local data276 – Sensitive information sent via URL parameters - Session278 – Insecure exceptions - NullPointerException282 – Insecure encryption algorithm - ECB283 – Automatic information enumeration - Personal Information286 – Insecure object reference - Personal information288 – Insecure object reference - Financial information294 – Insecure service configuration - OTP295 – Insecure session management - Change Password298 – Authentication mechanism absence or evasion - Redirect302 – Insecure functionality - Session management305 – Security controls bypass or absence - Data creation306 – Insecure object reference - Files307 – Insecure object reference - Data308 – Enabled default configuration309 – Insecurely generated token - JWT313 – Insecure service configuration - Certificates317 – Improper resource allocation - Memory leak318 – Insecurely generated token - Validation319 – Insecure service configuration - Roles321 – Lack of data validation - HTML code322 – Insecurely generated token - Lifespan324 – Insecure functionality - User management326 – Sensitive information in source code - Dependencies327 – Insufficient data authenticity validation - Images328 – Insecure object reference - Session management329 – Insecure or unset HTTP headers - Content-Type330 – Lack of protection against brute force attacks - Credentials332 – Use of insecure channel - Source code337 – Insecure session management - CSRF Fixation339 – Insecure service configuration - Request Validation340 – Lack of data validation - Special Characters341 – Lack of data validation - OTP344 – Lack of data validation - Non Sanitized Variables345 – Security controls bypass or absence - Session Invalidation353 – Lack of data validation - Token354 – Insecure file upload - Files Limit355 – Insufficient data authenticity validation - Checksum verification359 – Sensitive information in source code - Credentials365 – Authentication mechanism absence or evasion - Response tampering369 – Insecure object reference - User deletion372 – Use of an insecure channel - HTTP378 – Non-encrypted confidential information - Hexadecimal383 – Insecurely generated token - OTP384 – Inappropriate coding practices - Wildcard export385 – Non-encrypted confidential information - Keys387 – Insecure service configuration - Object Reutilization391 – Inappropriate coding practices - Unused properties393 – Use of software with known vulnerabilities in development395 – Insecure generation of random numbers - Static IV410 – Dependency Confusion414 – Insecure service configuration - Header Checking420 – Password reset poisoning421 – Insecure encryption algorithm - Insecure Elliptic Curve428 – Inappropriate coding practices - invalid file435 – Use of software with known vulnerabilities in environments