VYPR
Unrated severityNVD Advisory· Published Oct 13, 2022· Updated May 15, 2025

CVE-2022-42902

CVE-2022-42902

Description

In Linaro Automated Validation Architecture (LAVA) before 2022.10, there is dynamic code execution in lava_server/lavatable.py. Due to improper input sanitization, an anonymous user can force the lava-server-gunicorn service to execute user-provided code on the server.

Affected products

2
  • Linaro/Automated Validation Architecturedescription
  • Linaro/Lavallm-fuzzy
    Range: < 2022.10

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.