2 matches found
CVE-2022-31075
CVE-2022-31075 affects KubeEdge EdgeCore when the CloudHub module is enabled. A maliciously crafted HTTP request to /edge.crt with a very large body can exhaust memory and crash the CloudHub HTTP service, leading to a denial of service. This vulnerability exists in versions prior to 1.11.1, 1.10....
CVE-2022-31075 KubeEdge DoS when signing the CSR from EdgeCore
KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, EdgeCore may be susceptible to a DoS attack on CloudHub if an attacker was to send a well-crafted HTTP request to /edge.crt. I...