Lucene search
K

45 matches found

CNNVD
CNNVD
added 2022/07/11 12:0 a.m.5 views

KubeEdge 资源管理错误漏洞

KubeEdge is KubeEdge open source a Kubernetes native edge computing framework. Built on Kubernetes and extends native containerized application orchestration and device management to edge hosts. A resource management error vulnerability exists in KubeEdge versions prior to 1.11.1, 1.10.2, and...

6.5CVSS6.5AI score0.00927EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/07/11 12:0 a.m.6 views

PT-2022-20510 · Kubeedge · Kubeedge

Name of the Vulnerable Software and Affected Versions: KubeEdge versions prior to 1.11.1 KubeEdge versions prior to 1.10.2 KubeEdge versions prior to 1.9.4 Description: EdgeCore may be susceptible to a DoS attack on CloudHub if an attacker sends a well-crafted HTTP request to "/edge.crt". If the...

6.5CVSS7.1AI score0.00927EPSS
Exploits0References6
NVD
NVD
added 2022/06/27 8:15 p.m.33 views

CVE-2022-31076

KubeEdge is built upon Kubernetes and extends native containerized application orchestration and device management to hosts at the Edge. In affected versions a malicious message can crash CloudCore by triggering a nil-pointer dereference in the UDS Server. Since the UDS Server only communicates...

5.7CVSS0.00614EPSS
Exploits1References2
Prion
Prion
added 2022/06/27 8:15 p.m.20 views

Design/Logic Flaw

KubeEdge is built upon Kubernetes and extends native containerized application orchestration and device management to hosts at the Edge. In affected versions a malicious message can crash CloudCore by triggering a nil-pointer dereference in the UDS Server. Since the UDS Server only communicates...

2.7CVSS5.4AI score0.00614EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2022/06/27 8:10 p.m.29 views

CVE-2022-31076 Malicious Message can crash CloudCore in KubeEdge

KubeEdge is built upon Kubernetes and extends native containerized application orchestration and device management to hosts at the Edge. In affected versions a malicious message can crash CloudCore by triggering a nil-pointer dereference in the UDS Server. Since the UDS Server only communicates...

4.2CVSS5.4AI score0.00614EPSS
Exploits1References4
OSV
OSV
added 2022/06/25 7:19 a.m.20 views

GHSA-8F4F-V9X5-CG6J CloudCore UDS Server: Malicious Message can crash CloudCore

Impact A malicious message can crash CloudCore by triggering a null-pointer dereference in the UDS Server. Since the UDS Server only communicates with the CSI Driver on the cloud side, the attack is limited to the local host network. As such, an attacker would already need to be an authenticated...

4.2CVSS4.7AI score0.00614EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2022/06/25 7:19 a.m.44 views

CloudCore UDS Server: Malicious Message can crash CloudCore

Impact A malicious message can crash CloudCore by triggering a null-pointer dereference in the UDS Server. Since the UDS Server only communicates with the CSI Driver on the cloud side, the attack is limited to the local host network. As such, an attacker would already need to be an authenticated...

5.7CVSS5.3AI score0.00614EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2021/08/05 9:15 p.m.19 views

CVE-2021-1630

XML external entity XXE vulnerability affecting certain versions of a Mule runtime component that may affect CloudHub, GovCloud, Runtime Fabric, Pivotal Cloud Foundry, Private Cloud Edition, and on-premise customers...

7.5CVSS7.1AI score
Exploits0References1
Prion
Prion
added 2021/08/05 9:15 p.m.15 views

Xxe

XML external entity XXE vulnerability affecting certain versions of a Mule runtime component that may affect CloudHub, GovCloud, Runtime Fabric, Pivotal Cloud Foundry, Private Cloud Edition, and on-premise customers...

5CVSS7.5AI score0.01074EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/08/05 8:29 p.m.29 views

CVE-2021-1630

XML external entity XXE vulnerability affecting certain versions of a Mule runtime component that may affect CloudHub, GovCloud, Runtime Fabric, Pivotal Cloud Foundry, Private Cloud Edition, and on-premise customers...

7.7AI score0.01074EPSS
Exploits0References1
CVE
CVE
added 2021/08/05 8:29 p.m.207 views

CVE-2021-1630

CVE-2021-1630 is an XML External Entity (XXE) vulnerability in a Mule runtime component affecting multiple deployment options (CloudHub, GovCloud, Runtime Fabric, Pivotal Cloud Foundry, Private Cloud Edition, and on‑premises). The connected data consistently describe XXE as the underlying flaw, b...

7.5CVSS7.5AI score0.01074EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2021/03/26 5:15 p.m.19 views

CVE-2021-1626

MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Versions affected: Mule 4.1.x and 4.2.x runtime released before February 2, 2021...

9.8CVSS0.02031EPSS
Exploits0References1
OSV
OSV
added 2021/03/26 5:15 p.m.16 views

CVE-2021-1627

MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. This affects: Mule 3.8.x,3.9.x,4.x runtime released before February 2, 2021...

9.8CVSS6.9AI score
Exploits0References1
OSV
OSV
added 2021/03/26 5:15 p.m.10 views

CVE-2021-1626

MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Versions affected: Mule 4.1.x and 4.2.x runtime released before February 2, 2021...

9.8CVSS7.6AI score
Exploits0References1
NVD
NVD
added 2021/03/26 5:15 p.m.27 views

CVE-2021-1628

MuleSoft is aware of a XML External Entity XXE vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Affected versions: Mule 4.x runtime released before February 2, 2021...

9.8CVSS0.01198EPSS
Exploits0References1
NVD
NVD
added 2021/03/26 5:15 p.m.16 views

CVE-2021-1627

MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. This affects: Mule 3.8.x,3.9.x,4.x runtime released before February 2, 2021...

9.8CVSS0.01043EPSS
Exploits0References1
Prion
Prion
added 2021/03/26 5:15 p.m.12 views

Server side request forgery (ssrf)

MuleSoft is aware of a Server Side Request Forgery vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. This affects: Mule 3.8.x,3.9.x,4.x runtime released before February 2, 2021...

7.5CVSS9.4AI score0.01043EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/03/26 5:15 p.m.17 views

Remote code execution

MuleSoft is aware of a Remote Code Execution vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Versions affected: Mule 4.1.x and 4.2.x runtime released before February 2, 2021...

7.5CVSS9.6AI score0.02031EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2021/03/26 5:15 p.m.13 views

Xxe

MuleSoft is aware of a XML External Entity XXE vulnerability affecting certain versions of a Mule runtime component that may affect both CloudHub and on-premise customers. Affected versions: Mule 4.x runtime released before February 2, 2021...

7.5CVSS9.4AI score0.01198EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/03/26 4:19 p.m.176 views

CVE-2021-1628

CVE-2021-1628 : MuleSoft’s XXE vulnerability affects MuleSoft Mule 4.x runtime versions released before 2 Feb 2021, impacting both CloudHub and on‑premise deployments. The issue stems from XML External Entity handling in the Mule runtime component. The connected documents confirm the affected pro...

9.8CVSS9.4AI score0.01198EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder