RSS   Vulnerabilities for 'LAVA'   RSS

2018-06-19
 
CVE-2018-12565

CWE-20
 

 
An issue was discovered in Linaro LAVA before 2018.5.post1. Because of use of yaml.load() instead of yaml.safe_load() when parsing user data, remote code execution can occur.

 

 >>> Vendor: Linaro 3 Products
Op-tee
LAVA
Trusted firmware-m


Copyright 2021, cxsecurity.com

 

Back to Top