CVE-2018-12564
Debian Security Advisory 4234-1
Descriptions
An issue was discovered in Linaro LAVA before 2018.5.post1. Because the submit page accepts URLs, a user can forge an HTTP request that forces lava-server-gunicorn to return any file on the server that is readable by the lavaserver user and is valid YAML.
Two vulnerabilities were discovered in LAVA, a continuous integration system for deploying operating systems for running tests, which could result in information disclosure of files readable by the lavaserver system user or the execution of arbitrary code via an XML-RPC call.
Timeline
- 2018-06-19 CVE Reserved
- 2018-06-19 CVE Published
- 2024-08-05 CVE Updated
- 2025-04-04 EPSS Updated
CWE
- CWE-20: Improper Input Validation
References (3)
URL | Tag | Date
---|---|---
https://lists.debian.org/debian-lts-announce/2018/06/msg00011.html | Mailing List | -
https://git.linaro.org/lava/lava.git/commit/?id=95a9a77b144ced24d7425d6544ab03ca7f6c75d3 | - | 2018-08-10
https://www.debian.org/security/2018/dsa-4234 | - | 2018-08-10
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Linaro | Lava | < 2018.5.post1 | - | Affected
Debian | Debian Linux | 8.0 | - | Affected
Debian | Debian Linux | 9.0 | - | Affected