📦

lava

Vendor: linaro

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 0 Code Available
Total RCEs 4 Remote Access
Total CVEs 6 Total Indexed
Avg. EPSS 1.52% Exploit Prob.
Latest CVE CVE-2022-45132 Nov 18

Security Vulnerability Index

Page 1 / 1
9.8 CVSS
CVE-2022-45132
RCE

In Linaro Automated Validation Architecture (LAVA) before 2022.11.1, remote code execution can be achieved through user-submitted Jinja2 template. The REST API endpoint for validating device configuration files in lava-server loads input as a Jinja2 template in a way that can be used to trigger remote code execution in the LAVA server.

EPSS: 4.71%
6.5 CVSS
CVE-2022-44641
RCE

In Linaro Automated Validation Architecture (LAVA) before 2022.11, users with valid credentials can submit crafted XMLRPC requests that cause a recursive XML entity expansion, leading to excessive use of memory on the server and a Denial of Service.

EPSS: 0.36%
8.8 CVSS
CVE-2022-42902
RCE

In Linaro Automated Validation Architecture (LAVA) before 2022.10, there is dynamic code execution in lava_server/lavatable.py. Due to improper input sanitization, an anonymous user can force the lava-server-gunicorn service to execute user-provided code on the server.

EPSS: 0.98%
8.8 CVSS
CVE-2018-12565
RCE

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of use of yaml.load() instead of yaml.safe_load() when parsing user data, remote code execution can occur.

EPSS: 2.50%
6.5 CVSS
CVE-2018-12564

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for URLs in the submit page, a user can forge an HTTP request that will force lava-server-gunicorn to return any file on the server that is readable by lavaserver and valid yaml.

EPSS: 0.31%
6.5 CVSS
CVE-2018-12563

An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for file: URLs, a user can force lava-server-gunicorn to download any file from the filesystem if it's readable by lavaserver and valid yaml.

EPSS: 0.26%