Lucene search
Veracode Vulnerability DatabaseVERACODE:36327HistoryJul 12, 2022 - 6:46 a.m.
Denial Of Service (DoS)
2022-07-1206:46:20
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.001 Low
EPSS
Percentile
34.8%
github.com/kubeedge/kubeedge is vulnerable to denial of service (DoS) attacks. An attacker is able to cause denial of service conditions via memory exhaustion by sending a specifically crafted HTTP request with a large body through the signEdgeCert function in server.go.
References
github.com/kubeedge/kubeedge/commit/27a6957ee7685884a7d9b3d87c13f61625cb3bc9
github.com/kubeedge/kubeedge/commit/6ccb68fae799d210d9f304df9cba210c492432a7
github.com/kubeedge/kubeedge/commit/ecca82fd5d0b0891dbd562f4d4349443d958b9df
github.com/kubeedge/kubeedge/pull/4038
github.com/kubeedge/kubeedge/pull/4039
github.com/kubeedge/kubeedge/pull/4042
github.com/kubeedge/kubeedge/security/advisories/GHSA-x3px-2p95-f6jr
Related
prion
prion
Authorization
2022-07-11 21:15:00
cve
cve
CVE-2022-31075
2022-07-11 21:15:08
cvelist
cvelist
CVE-2022-31075 KubeEdge DoS when signing the CSR from EdgeCore
2022-07-11 20:15:12
nvd
nvd
CVE-2022-31075
2022-07-11 21:15:08
osv
osv
KubeEdge DoS when signing the CSR from EdgeCore
2022-07-11 21:04:04
CVE-2022-31075
2022-07-11 21:15:08
github
github
KubeEdge DoS when signing the CSR from EdgeCore
2022-07-11 21:04:04