Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes

By Newsroom — October 30^th 2023 at 06:46

Three unpatched high-severity security flaws have been disclosed in the NGINX Ingress controller for Kubernetes that could be weaponized by a threat actor to steal secret credentials from the cluster. The vulnerabilities are as follows - CVE-2022-4886 (CVSS score: 8.8) - Ingress-nginx path sanitization can be bypassed to obtain the credentials of the ingress-nginx controller CVE-2023-5043 (

FreshRSS

Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes