npm package
raneto
pkg:npm/raneto
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-35142 | — | < 0.17.1 | 0.17.1 | Aug 4, 2022 | An issue in Renato v0.17.0 allows attackers to cause a Denial of Service (DoS) via a crafted payload injected into the Search parameter. | ||
| CVE-2022-35143 | — | < 0.17.1 | 0.17.1 | Aug 4, 2022 | Renato v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks. | ||
| CVE-2022-35144 | — | < 0.17.1 | 0.17.1 | Aug 4, 2022 | Renato v0.17.0 was discovered to contain a cross-site scripting (XSS) vulnerability. |
- CVE-2022-35142Aug 4, 2022affected < 0.17.1fixed 0.17.1
An issue in Renato v0.17.0 allows attackers to cause a Denial of Service (DoS) via a crafted payload injected into the Search parameter.
- CVE-2022-35143Aug 4, 2022affected < 0.17.1fixed 0.17.1
Renato v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks.
- CVE-2022-35144Aug 4, 2022affected < 0.17.1fixed 0.17.1
Renato v0.17.0 was discovered to contain a cross-site scripting (XSS) vulnerability.