One Article Review
| Source |  CVE Liste |
|---|---|
| Identifiant | 5137205 |
| Date de publication | 2022-06-13 20:15:07 (vue: 2022-06-13 23:07:46) |
| Titre | CVE-2022-31054 |
| Texte | Argo Events is an event-driven workflow automation framework for Kubernetes. Prior to version 1.7.1, several `HandleRoute` endpoints make use of the deprecated `ioutil.ReadAll()`. `ioutil.ReadAll()` reads all the data into memory. As such, an attacker who sends a large request to the Argo Events server will be able to crash it and cause denial of service. A patch for this vulnerability has been released in Argo Events version 1.7.1. |
| Envoyé | Oui |
| Condensat | 2022 31054 `handleroute` `ioutil able all argo attacker automation been cause crash cve data denial deprecated driven endpoints event events framework has kubernetes large make memory patch prior readall reads released request sends server service several such use version vulnerability who will workflow |
| Tags | Vulnerability |
| Stories | Uber |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.