Raneto is vulnerable to Denial of Service. The vulnerability is due to the GET
search endpoint located at app/routes/search.route.js
. An unauthenticated attacker can supply a malicious search query, crashing the program.
raneto.com/
cwe.mitre.org/data/definitions/703.html
gainsec.com/2022/08/04/cve-2022-35142-cve-2022-35143-cve-2022-35144/
github.com/gilbitron/Raneto/commit/7ee6ae89cbdcc77156f29b1ef86343b85cbce922
github.com/gilbitron/Raneto/pull/370
github.com/gilbitron/Raneto/releases
github.com/gilbitron/Raneto/releases/tag/0.17.1