CVE-2022-31074

KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, several endpoints in the Cloud AdmissionController may be susceptible to a DoS attack if an HTTP request containing a very lar...

CVE-2022-31078

KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, the CloudCore Router does not impose a limit on the size of responses to requests made by the REST handler. An attacker could...

CVE-2022-31075

KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, EdgeCore may be susceptible to a DoS attack on CloudHub if an attacker was to send a well-crafted HTTP request to /edge.crt. I...

CVE-2022-31079

KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, the Cloud Stream server and the Edge Stream server reads the entire message into memory without imposing a limit on the size o...

CVE-2022-31080

KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, a large response received by the viaduct WSClient can cause a DoS from memory exhaustion. The entire body of the response is...

EUVD-2022-6183

Malicious code in bioql PyPI...

EUVD-2022-6440

Malicious code in bioql PyPI...

EUVD-2022-5992

Malicious code in bioql PyPI...

EUVD-2022-6265

Malicious code in bioql PyPI...

EUVD-2022-6403

Malicious code in bioql PyPI...

EUVD-2022-6425

Malicious code in bioql PyPI...

EUVD-2022-6445

Malicious code in bioql PyPI...

EUVD-2022-6427

Malicious code in bioql PyPI...

CVE-2022-31073

KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, the ServiceBus server on the edge side may be susceptible to a DoS attack if an HTTP request containing a very large Body is...

CVE-2022-31077

KubeEdge is built upon Kubernetes and extends native containerized application orchestration and device management to hosts at the Edge. In affected versions a malicious message response from KubeEdge can crash the CSI Driver controller server by triggering a nil-pointer dereference panic. As a...

CVE-2022-31076

KubeEdge is built upon Kubernetes and extends native containerized application orchestration and device management to hosts at the Edge. In affected versions a malicious message can crash CloudCore by triggering a nil-pointer dereference in the UDS Server. Since the UDS Server only communicates...

GO-2022-0507 KubeEdge Edge ServiceBus module DoS in github.com/kubeedge/kubeedge

KubeEdge Edge ServiceBus module DoS in github.com/kubeedge/kubeedge...

GO-2022-0510 KubeEdge CloudCore Router memory exhaustion vulnerability in github.com/kubeedge/kubeedge

KubeEdge CloudCore Router memory exhaustion vulnerability in github.com/kubeedge/kubeedge...

GO-2022-0509 KubeEdge DoS when signing the CSR from EdgeCore in github.com/kubeedge/kubeedge

KubeEdge DoS when signing the CSR from EdgeCore in github.com/kubeedge/kubeedge...

GO-2022-0511 KubeEdge Cloud Stream and Edge Stream DoS from large stream message in github.com/kubeedge/kubeedge

KubeEdge Cloud Stream and Edge Stream DoS from large stream message in github.com/kubeedge/kubeedge...