Skip to main content

Raneto

3 CVEs product

Monthly

CVE-2022-35144 npm MEDIUM POC PATCH This Month

Renato v0.17.0 was discovered to contain a cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Raneto
NVD GitHub
CVSS 3.1
4.8
EPSS
0.7%
CVE-2022-35143 npm CRITICAL POC PATCH Act Now

Renato v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Brute Force Raneto
NVD GitHub
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-35142 npm HIGH POC PATCH This Week

An issue in Renato v0.17.0 allows attackers to cause a Denial of Service (DoS) via a crafted payload injected into the Search parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Denial Of Service Raneto
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
EPSS 1% CVSS 4.8
MEDIUM POC PATCH This Month

Renato v0.17.0 was discovered to contain a cross-site scripting (XSS) vulnerability. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Raneto
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC PATCH Act Now

Renato v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Brute Force Raneto
NVD GitHub
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

An issue in Renato v0.17.0 allows attackers to cause a Denial of Service (DoS) via a crafted payload injected into the Search parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Denial Of Service Raneto
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy