CVE-2022-44641

Description

In Linaro Automated Validation Architecture (LAVA) before 2022.11, users with valid credentials can submit crafted XMLRPC requests that cause a recursive XML entity expansion, leading to excessive use of memory on the server and a Denial of Service.

Related CPE's

a linaro lava ********

References

https://lists.lavasoftware.org/archives/list/[email protected]/thread/WHXGQMIZAPW3GCQEXYHC32N2ZAAAIYCY/

Mailing ListPatchVendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io