Lucene search
Veracode Vulnerability DatabaseVERACODE:36320HistoryJul 12, 2022 - 3:59 a.m.
Denial Of Service (DoS)
2022-07-1203:59:21
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
0.002 Low
EPSS
Percentile
52.2%
github.com/kubeedge/kubeedge is vulnerable to denial of service. An attacker can crash the application by sending a malicious HTTP request with a large body into the processMessage function of servicebus.go when users have enabled the ServiceBus module in the edgecore.yaml config file.
References
github.com/kubeedge/kubeedge/commit/327096ebe250185f1a4439394a7c027b72639cb3
github.com/kubeedge/kubeedge/commit/7420c09bb311099f61d79a051ce5446976b1ea4e
github.com/kubeedge/kubeedge/commit/8145284d40da35c493104abcf5667376c6f7e6b9
github.com/kubeedge/kubeedge/pull/4038
github.com/kubeedge/kubeedge/pull/4039
github.com/kubeedge/kubeedge/pull/4042
github.com/kubeedge/kubeedge/security/advisories/GHSA-vwm6-qc77-v2rh
Related
osv
osv
KubeEdge Edge ServiceBus module DoS
2022-07-11 21:00:20
CVE-2022-31073
2022-07-11 20:15:08
nvd
nvd
CVE-2022-31073
2022-07-11 20:15:08
cve
cve
CVE-2022-31073
2022-07-11 20:15:08
prion
prion
Design/Logic Flaw
2022-07-11 20:15:00
cvelist
cvelist
CVE-2022-31073 KubeEdge Edge ServiceBus module DoS
2022-07-11 20:05:13
github
github
KubeEdge Edge ServiceBus module DoS
2022-07-11 21:00:20