VYPR
Moderate severityNVD Advisory· Published Jul 11, 2022· Updated Apr 23, 2025

KubeEdge Cloud AdmissionController component DoS

CVE-2022-31074

Description

KubeEdge is an open source system for extending native containerized application orchestration capabilities to hosts at Edge. Prior to versions 1.11.1, 1.10.2, and 1.9.4, several endpoints in the Cloud AdmissionController may be susceptible to a DoS attack if an HTTP request containing a very large Body is sent to it. The consequence of the exhaustion is that the Cloud AdmissionController will be in denial of service. This bug has been fixed in Kubeedge 1.11.1, 1.10.2, and 1.9.4. There is currently no known workaround.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/kubeedge/kubeedgeGo
>= 1.11.0, < 1.11.11.11.1
github.com/kubeedge/kubeedgeGo
>= 1.10.0, < 1.10.21.10.2
github.com/kubeedge/kubeedgeGo
< 1.9.41.9.4

Affected products

2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.