Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes

Posted on November 3, 2023

Three unpatched high-severity security flaws have been disclosed in the NGINX Ingress controller for Kubernetes that could be weaponized by a threat actor to steal secret credentials from the cluster.
The vulnerabilities are as follows –

CVE-2022-4886 (CVSS score: 8.8) – Ingress-nginx path sanitization can be bypassed to obtain the credentials of the ingress-nginx controller
CVE-2023-5043 (

Related Posts

Microsoft Tests Sticking Ads in Windows 11 Settings Menu

NASA Calls on Commercial Partners to Design a Spacecraft to Deorbit the ISS

Fandoms Collide in DC Studios’ The Flash Toys and Merch

Microsoft Patch Tuesday for June 2023 fixes 6 critical flaws