Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-44641

Опубликовано: 18 нояб. 2022
Источник: nvd
CVSS3: 6.5
EPSS Низкий

Описание

In Linaro Automated Validation Architecture (LAVA) before 2022.11, users with valid credentials can submit crafted XMLRPC requests that cause a recursive XML entity expansion, leading to excessive use of memory on the server and a Denial of Service.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:linaro:lava:*:*:*:*:*:*:*:*
Версия до 2022.11 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

EPSS

Процентиль: 64%
0.00473
Низкий

6.5 Medium

CVSS3

Дефекты

CWE-776
CWE-776

Связанные уязвимости

ubuntu логотип

CVE-2022-44641

CVSS3: 6.5
ubuntu
около 3 лет назад

In Linaro Automated Validation Architecture (LAVA) before 2022.11, users with valid credentials can submit crafted XMLRPC requests that cause a recursive XML entity expansion, leading to excessive use of memory on the server and a Denial of Service.

debian логотип

CVE-2022-44641

CVSS3: 6.5
debian
около 3 лет назад

In Linaro Automated Validation Architecture (LAVA) before 2022.11, use ...

github логотип

GHSA-hj7c-g88c-mq5v

CVSS3: 6.5
github
около 3 лет назад

In Linaro Automated Validation Architecture (LAVA) before 2022.11, users with valid credentials can submit crafted XMLRPC requests that cause a recursive XML entity expansion, leading to excessive use of memory on the server and a Denial of Service.

EPSS

Процентиль: 64%
0.00473
Низкий

6.5 Medium

CVSS3

Дефекты

CWE-776
CWE-776