Browse all 8 CVE security advisories affecting kubeedge. AI-powered Chinese analysis, POCs, and references for each vulnerability.
KubeEdge extends Kubernetes capabilities to edge computing environments, enabling hybrid cloud-edge deployments. Historically, it has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, with eight CVEs documented. Security concerns often center on authentication mechanisms and API server exposures. While no major public incidents have been widely reported, the project's distributed architecture introduces unique attack surfaces. Regular security updates and proper configuration are critical given its role in managing edge devices. The platform's lightweight design and native Kubernetes integration remain valuable, but deployments should implement network segmentation and input validation to mitigate identified risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-31080 | KubeEdge Websocket Client in package Viaduct: DoS from large response message — kubeedgeCWE-400 | 4.4 | Medium | 2022-07-11 |
| CVE-2022-31079 | KubeEdge Cloud Stream and Edge Stream DoS from large stream message — kubeedgeCWE-400 | 4.4 | Medium | 2022-07-11 |
| CVE-2022-31078 | KubeEdge CloudCore Router memory exhaustion — kubeedgeCWE-400 | 4.4 | Medium | 2022-07-11 |
| CVE-2022-31075 | KubeEdge DoS when signing the CSR from EdgeCore — kubeedgeCWE-400 | 4.9 | Medium | 2022-07-11 |
| CVE-2022-31074 | KubeEdge Cloud AdmissionController component DoS — kubeedgeCWE-400 | 4.5 | Medium | 2022-07-11 |
| CVE-2022-31073 | KubeEdge Edge ServiceBus module DoS — kubeedgeCWE-400 | 6.5 | Medium | 2022-07-11 |
| CVE-2022-31077 | Malicious response from KubeEdge can crash CSI Driver controller server — kubeedgeCWE-476 | 4.0 | Medium | 2022-06-27 |
| CVE-2022-31076 | Malicious Message can crash CloudCore in KubeEdge — kubeedgeCWE-476 | 4.2 | Medium | 2022-06-27 |
This page lists every published CVE security advisory associated with kubeedge. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.