The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3276 advisory.
– In Linaro Automated Validation Architecture (LAVA) before 2022.11, users with valid credentials can submit crafted XMLRPC requests that cause a recursive XML entity expansion, leading to excessive use of memory on the server and a Denial of Service. (CVE-2022-44641)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.Read More
Back to Main