Lucene search
MitreCVELIST:CVE-2022-42902HistoryOct 13, 2022 - 12:00 a.m.
CVE-2022-42902
2022-10-1300:00:00
mitre
www.cve.org
5
linaro automated validation architecture
code execution
input sanitization
anonymous user
server
In Linaro Automated Validation Architecture (LAVA) before 2022.10, there is dynamic code execution in lava_server/lavatable.py. Due to improper input sanitization, an anonymous user can force the lava-server-gunicorn service to execute user-provided code on the server.
Related
osv
osv
lava - security update
2022-10-23 00:00:00
lava - security update
2022-11-17 00:00:00
nessus
nessus
Debian DSA-5260-1 : lava - security update
2022-10-23 00:00:00
Debian DLA-3192-1 : lava - LTS security update
2022-11-17 00:00:00
debiancve
debiancve
CVE-2022-42902
2022-10-13 03:15:09
prion
prion
Input validation
2022-10-13 03:15:00
openvas
openvas
Debian: Security Advisory (DLA-3192-1)
2022-11-18 00:00:00
Debian: Security Advisory (DSA-5260-1)
2022-10-25 00:00:00
nvd
nvd
CVE-2022-42902
2022-10-13 03:15:09
debian
debian
[SECURITY] [DSA 5260-1] lava security update
2022-10-23 18:38:14
[SECURITY] [DLA 3192-1] lava security update
2022-11-17 10:19:09
ubuntucve
ubuntucve
CVE-2022-42902
2022-10-13 00:00:00
veracode
veracode
Authentication Bypass
2022-11-16 20:34:34
cve
cve
CVE-2022-42902
2022-10-13 03:15:09