3 matches found
CVE-2022-35144
Incident summary: Renato v0.17.0 contains a cross-site scripting (XSS) vulnerability (CVE-2022-35144). Red Hat and related feeds corroborate XSS details for Renato v0.17.0, with the issue described as an XSS flaw in the application. The provided sources do not specify the vulnerable component, ex...
CVE-2022-35142
The CVE-2022-35142 entry concerns Renato v0.17.0, where a crafted payload in the Search parameter can trigger a Denial of Service (DoS). This is a network-accessible issue (ATT&CK context not explicitly provided) with a CVSSv3.1 base score of 7.5 (High). The vulnerability affects the Search handl...
CVE-2022-35143
Concrete details found: Renato v0.17.0 is affected by weak password complexity requirements that enable brute-force password cracking. Red Hat CVE entries corroborate the issue for Renato v0.17.0. The scope includes the core software and its auth flow; impact is high confidentiality, integrity, a...