10 matches found
Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Kubernetes ingress-nginx
Summary Multiple vulnerabilities in Kubernetes ingress-nginx used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2022-4886 DESCRIPTION: Kubernetes could allow a remote authenticated attacker to obtain sensitive information, caused by a flaw with path...
CVE-2023-5043
creationtimestamp| type| source ---|---|--- 2023-10-30 08:13:06+00:00| seen| Telegram/MCOtq6YNws1wIQDmkmW4fj5yPvTPQ5hjf1qfUTkU-awDNw 2023-10-30 09:02:14+00:00| seen| https://t.me/KomunitiSiber/999 2023-10-30 17:00:07+00:00| seen| https://t.me/truesecator/5023 2023-11-29 09:38:53+00:00| seen|...
Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes
Three unpatched high-severity security flaws have been disclosed in the NGINX Ingress controller for Kubernetes that could be weaponized by a threat actor to steal secret credentials from the cluster. The vulnerabilities are as follows - CVE-2022-4886 CVSS score: 8.8 - Ingress-nginx path...
GHSA-5WJ4-WFFQ-3378 Ingress nginx annotation injection causes arbitrary command execution
Issue Details A security issue was identified in ingress-nginx where the nginx.ingress.kubernetes.io/configuration-snippet annotation on an Ingress object in the networking.k8s.io or extensions API group can be used to inject arbitrary commands, and obtain the credentials of the ingress-nginx...
Ingress nginx annotation injection causes arbitrary command execution
Issue Details A security issue was identified in ingress-nginx where the nginx.ingress.kubernetes.io/configuration-snippet annotation on an Ingress object in the networking.k8s.io or extensions API group can be used to inject arbitrary commands, and obtain the credentials of the ingress-nginx...
CVE-2023-5043 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
CVE-2023-5043 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
CVE-2023-5043
CVE-2023-5043 affects Kubernetes ingress-nginx where the nginx.ingress.kubernetes.io/configuration-snippet annotation injection allows a remote authenticated attacker to execute arbitrary commands on the system due to improper input validation. IBM’s bulletin associates this CVE with IBM Cloud Ku...
CVE-2023-5043 Ingress nginx annotation injection causes arbitrary command execution
Ingress nginx annotation injection causes arbitrary command execution...
CVE-2023-5043 Ingress nginx annotation injection causes arbitrary command execution
Ingress nginx annotation injection causes arbitrary command execution...