Node.js: Node.js Permission Model bypass: UDS server bind/listen works without `--allow-net`

Vulnerability description not provided...

EUVD-2022-5992

Malicious code in bioql PyPI...

GO-2022-0500 CloudCore UDS Server: Malicious Message can crash CloudCore in github.com/kubeedge/kubeedge

CloudCore UDS Server: Malicious Message can crash CloudCore in github.com/kubeedge/kubeedge...

CVE-2022-31076

KubeEdge is built upon Kubernetes and extends native containerized application orchestration and device management to hosts at the Edge. In affected versions a malicious message can crash CloudCore by triggering a nil-pointer dereference in the UDS Server. Since the UDS Server only communicates...

Design/Logic Flaw

KubeEdge is built upon Kubernetes and extends native containerized application orchestration and device management to hosts at the Edge. In affected versions a malicious message can crash CloudCore by triggering a nil-pointer dereference in the UDS Server. Since the UDS Server only communicates...

CVE-2022-31076

KubeEdge vulnerability CVE-2022-31076 affects CloudCore’s UDS Server. A crafted message can trigger a nil-pointer dereference when the unixsocket switch is enabled in cloudcore.yaml, crashing CloudCore. Impact is local to the host network and assumes the attacker is an authenticated Cloud user; e...

CVE-2022-31076 Malicious Message can crash CloudCore in KubeEdge

KubeEdge is built upon Kubernetes and extends native containerized application orchestration and device management to hosts at the Edge. In affected versions a malicious message can crash CloudCore by triggering a nil-pointer dereference in the UDS Server. Since the UDS Server only communicates...

CVE-2022-31076 Malicious Message can crash CloudCore in KubeEdge

KubeEdge is built upon Kubernetes and extends native containerized application orchestration and device management to hosts at the Edge. In affected versions a malicious message can crash CloudCore by triggering a nil-pointer dereference in the UDS Server. Since the UDS Server only communicates...

CloudCore UDS Server: Malicious Message can crash CloudCore

Impact A malicious message can crash CloudCore by triggering a null-pointer dereference in the UDS Server. Since the UDS Server only communicates with the CSI Driver on the cloud side, the attack is limited to the local host network. As such, an attacker would already need to be an authenticated...

GHSA-8F4F-V9X5-CG6J CloudCore UDS Server: Malicious Message can crash CloudCore

Impact A malicious message can crash CloudCore by triggering a null-pointer dereference in the UDS Server. Since the UDS Server only communicates with the CSI Driver on the cloud side, the attack is limited to the local host network. As such, an attacker would already need to be an authenticated...

PT-2022-20511 · Kubeedge · Kubeedge

Name of the Vulnerable Software and Affected Versions: KubeEdge versions prior to 1.11.0 KubeEdge versions prior to 1.10.1 KubeEdge versions prior to 1.9.3 Description: A malicious message can crash CloudCore by triggering a nil-pointer dereference in the UDS Server. The attack is limited to the...