Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 12:5 p.m.10 views

CVE-2024-7646

A security issue was discovered in ingress-nginx where an actor with permission to create Ingress objects in the networking.k8s.io or extensions API group can bypass annotation validation to inject arbitrary commands and obtain the credentials of the ingress-nginx controller. In the default...

8.8CVSS7.2AI score0.27018EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.21 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Kubernetes ingress-nginx (CVE-2024-7646)

Summary A vulnerability in Kubernetes ingress-nginx that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2024-7646 DESCRIPTION: Kubernetes ingress-nginx could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an...

8.8CVSS7.4AI score0.27018EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/28 7:37 p.m.38 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Nginx

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Nginx Vulnerability Details CVEID:CVE-2024-7646 DESCRIPTION: Kubernetes ingress-nginx could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an annotation validatio...

8.8CVSS7.9AI score0.27018EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/08/19 5:26 p.m.46 views

GO-2024-3075 CVE-2024-7646 in github.com/kubernetes/ingress-nginx

CVE-2024-7646 in github.com/kubernetes/ingress-nginx. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the...

8.8CVSS8.6AI score0.27018EPSS
Exploits0References5
Circl
Circl
added 2024/08/16 9:14 p.m.14 views

CVE-2024-7646

creationtimestamp| type| source ---|---|--- 2024-08-16 21:14:48+00:00| seen| https://t.me/cvedetector/3354 2024-08-17 14:16:54+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8282 2024-08-17 14:46:06+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8283 2024-08-18...

8.8CVSS7.5AI score0.27018EPSS
Exploits0References12
Cvelist
Cvelist
added 2024/08/16 5:36 p.m.332 views

CVE-2024-7646

A security issue was discovered in ingress-nginx where an actor with permission to create Ingress objects in the networking.k8s.io or extensions API group can bypass annotation validation to inject arbitrary commands and obtain the credentials of the ingress-nginx controller. In the default...

8.8CVSS0.27018EPSS
Exploits0References4
Rows per page
Query Builder