Lucene search
Lava Security Vulnerabilities - CVSS Score 9 - 10
cve
In Linaro Automated Validation Architecture (LAVA) before 2022.11.1, remote code execution can be achieved through user-submitted Jinja2 template. The REST API endpoint for validating device configuration files in lava-server loads input as a Jinja2 template in a way that can be used to trigger rem...
9.8CVSS
9.7AI Score
0.008EPSS
2022-11-18 11:15 PM
45
8