2 matches found
CVE-2022-31078 KubeEdge CloudCore Router memory exhaustion
KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, the CloudCore Router does not impose a limit on the size of responses to requests made by the REST handler. An attacker could...
CVE-2022-31078
KubeEdge CloudCore Router memory exhaustion DoS vulnerability (CVE-2022-31078) affects pre-1.11.1, pre-1.10.2, and pre-1.9.4 releases. The REST handler’s HTTP response size is not limited, allowing an authenticated cloud user to trigger a large response that exhausts memory and causes CloudCore d...