6262 matches found
SUSE CVE-2022-4886
Ingress-nginx path sanitization can be bypassed with logformat directive...
SUSE CVE-2023-5043
Ingress nginx annotation injection causes arbitrary command execution...
SUSE CVE-2023-5044
Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation...
Oracle Linux 9 : nginx:1.22 (ELSA-2023-6120)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6120 advisory. 1:1.22.1-3.0.1.1 - Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack CVE-2023-44487 Tenable has extracted the preceding description block...
AlmaLinux 9 : nginx:1.22 (ALSA-2023:6120)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:6120 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description block...
The vulnerability of the nginx.ingress.kubernetes.io/configuration-snippet component in the Kubernetes ingress-nginx cluster allows a attacker to execute arbitrary code or escalate their privileges.
The vulnerability of the nginx.ingress.kubernetes.io/configuration-snippet component, which handles incoming traffic in the Kubernetes ingress-nginx cluster, is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or increase...
GHSA-5WJ4-WFFQ-3378 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
GHSA-FP9F-44C2-CW27 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
GHSA-5WJ4-WFFQ-3378 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
GHSA-FP9F-44C2-CW27 Ingress-nginx code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation
A security issue was identified in ingress-nginx where the nginx.ingress.kubernetes.io/permanent-redirect annotation on an Ingress object in the networking.k8s.io or extensions API group can be used to inject arbitrary commands, and obtain the credentials of the ingress-nginx controller. In the...
GHSA-5WJ4-WFFQ-3378 Ingress nginx annotation injection causes arbitrary command execution
Issue Details A security issue was identified in ingress-nginx where the nginx.ingress.kubernetes.io/configuration-snippet annotation on an Ingress object in the networking.k8s.io or extensions API group can be used to inject arbitrary commands, and obtain the credentials of the ingress-nginx...
Ingress-nginx code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation
A security issue was identified in ingress-nginx where the nginx.ingress.kubernetes.io/permanent-redirect annotation on an Ingress object in the networking.k8s.io or extensions API group can be used to inject arbitrary commands, and obtain the credentials of the ingress-nginx controller. In the...
Ingress nginx annotation injection causes arbitrary command execution
Issue Details A security issue was identified in ingress-nginx where the nginx.ingress.kubernetes.io/configuration-snippet annotation on an Ingress object in the networking.k8s.io or extensions API group can be used to inject arbitrary commands, and obtain the credentials of the ingress-nginx...
GHSA-GVRM-W2F9-F77Q Ingress-nginx path sanitization can be bypassed
Ingress-nginx path sanitization can be bypassed with logformat directive...
Ingress-nginx path sanitization can be bypassed
Ingress-nginx path sanitization can be bypassed with logformat directive...
CVE-2023-5043
Ingress nginx annotation injection causes arbitrary command execution...
CVE-2023-5044
Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation...
CVE-2023-5043 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
CVE-2023-5044 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
CVE-2023-5044 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...