{"vulnerability": "CVE-2022-3514", "sightings": [{"uuid": "be9a3610-3b18-4533-b03f-c9a0844c1f68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35147", "type": "seen", "source": "https://t.me/cibsecurity/48313", "content": "\u203c CVE-2022-35147 \u203c\n\nDoraCMS v2.18 and earlier allows attackers to bypass login authentication via a crafted HTTP request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-18T00:40:54.000000Z"}, {"uuid": "2139bb1b-f83f-468c-8b4e-e3afc33f33ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3514", "type": "seen", "source": "https://t.me/cibsecurity/56411", "content": "\u203c CVE-2022-3514 \u203c\n\nAn issue has been discovered in GitLab CE/EE affecting all versions starting from 6.6 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. An attacker may cause Denial of Service on a GitLab instance by exploiting a regex issue in the submodule URL parser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-12T07:30:04.000000Z"}, {"uuid": "dfc24859-7071-4d90-9094-a286d2d2a907", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35143", "type": "seen", "source": "https://t.me/cibsecurity/47594", "content": "\u203c CVE-2022-35143 \u203c\n\nRenato v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-05T00:19:58.000000Z"}, {"uuid": "87c96c8c-b9bf-4f1c-8918-f4d98a85f7d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35142", "type": "seen", "source": "https://t.me/cibsecurity/47592", "content": "\u203c CVE-2022-35142 \u203c\n\nAn issue in Renato v0.17.0 allows attackers to cause a Denial of Service (DoS) via a crafted payload injected into the Search parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-05T00:19:53.000000Z"}, {"uuid": "33ce1bf8-dbb3-4faf-add5-375a711e9b54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35144", "type": "seen", "source": "https://t.me/cibsecurity/47589", "content": "\u203c CVE-2022-35144 \u203c\n\nRenato v0.17.0 was discovered to contain a cross-site scripting (XSS) vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-05T00:19:50.000000Z"}]}