Three New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes
Three New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes
30 October 2023
The vulnerabilities, tracked as CVE-2022-4886, CVE-2023-5043, and CVE-2023-5044, include path sanitization bypass, annotation injection for arbitrary command execution, and code injection via the permanent-redirect annotation.