Lucene search
K

10 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/03/19 11:36 p.m.24 views

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Kubernetes ingress-nginx

Summary Multiple vulnerabilities in Kubernetes ingress-nginx used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2022-4886 DESCRIPTION: Kubernetes could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw with path...

8.8CVSS8.3AI score0.56568EPSS
Exploits2Affected Software1
Circl
Circl
added 2023/10/30 8:13 a.m.25 views

CVE-2023-5043

creationtimestamp| type| source ---|---|--- 2023-10-30 08:13:06+00:00| seen| Telegram/MCOtq6YNws1wIQDmkmW4fj5yPvTPQ5hjf1qfUTkU-awDNw 2023-10-30 09:02:14+00:00| seen| https://t.me/KomunitiSiber/999 2023-10-30 17:00:07+00:00| seen| https://t.me/truesecator/5023 2023-11-29 09:38:53+00:00| seen|...

8.8CVSS8.3AI score0.02234EPSS
Exploits0References9
The Hacker News
The Hacker News
added 2023/10/30 6:46 a.m.120 views

Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes

Three unpatched high-severity security flaws have been disclosed in the NGINX Ingress controller for Kubernetes that could be weaponized by a threat actor to steal secret credentials from the cluster. The vulnerabilities are as follows - CVE-2022-4886 CVSS score: 8.8 - Ingress-nginx path...

8.2AI score0.56568EPSS
Exploits2
OSV
OSV
added 2023/10/25 9:30 p.m.33 views

GHSA-5WJ4-WFFQ-3378 Ingress nginx annotation injection causes arbitrary command execution

Issue Details A security issue was identified in ingress-nginx where the nginx.ingress.kubernetes.io/configuration-snippet annotation on an Ingress object in the networking.k8s.io or extensions API group can be used to inject arbitrary commands, and obtain the credentials of the ingress-nginx...

7.6CVSS8.2AI score0.02234EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2023/10/25 9:30 p.m.42 views

Ingress nginx annotation injection causes arbitrary command execution

Issue Details A security issue was identified in ingress-nginx where the nginx.ingress.kubernetes.io/configuration-snippet annotation on an Ingress object in the networking.k8s.io or extensions API group can be used to inject arbitrary commands, and obtain the credentials of the ingress-nginx...

8.8CVSS7.4AI score0.02234EPSS
Exploits0References6Affected Software1
Chainguard
Chainguard
added 2023/10/25 8:15 p.m.47 views

CVE-2023-5043 vulnerabilities

Vulnerabilities for packages: ingress-nginx-controller...

6.5CVSS7.4AI score0.02234EPSS
Exploits0
Wolfi
Wolfi
added 2023/10/25 8:15 p.m.303 views

CVE-2023-5043 vulnerabilities

Vulnerabilities for packages: ingress-nginx-controller...

6.5CVSS7.7AI score0.02234EPSS
Exploits0
CVE
CVE
added 2023/10/25 7:18 p.m.246 views

CVE-2023-5043

CVE-2023-5043 affects Kubernetes ingress-nginx where the nginx.ingress.kubernetes.io/configuration-snippet annotation injection allows a remote authenticated attacker to execute arbitrary commands on the system due to improper input validation. IBM’s bulletin associates this CVE with IBM Cloud Ku...

8.8CVSS8.5AI score0.02234EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2023/10/25 7:18 p.m.27 views

CVE-2023-5043 Ingress nginx annotation injection causes arbitrary command execution

Ingress nginx annotation injection causes arbitrary command execution...

7.6CVSS7.4AI score0.02234EPSS
Exploits0References7
Cvelist
Cvelist
added 2023/10/25 7:18 p.m.53 views

CVE-2023-5043 Ingress nginx annotation injection causes arbitrary command execution

Ingress nginx annotation injection causes arbitrary command execution...

7.6CVSS9.2AI score0.02234EPSS
Exploits0References4
Rows per page
Query Builder