Techly NewsGet the app

Get the latest tech news

Multiple vulnerabilities in ingress-Nginx (Score 9.8)


Hello Kubernetes Community, Multiple issues have been discovered in ingress-nginx that can result in arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller.

Before applying the patch, these issues can be partially mitigated by disabling the Validating Admission Controller functionality of ingress-nginx. Additional DetailsAcknowledgements These vulnerabilities were reported by Nir Ohfeld, Ronen Shustin, Sagi Tzadik, and Hillai Ben Sasson, from Wiz These issues were fixed and coordinated by Marco Ebert, James Strong, Tabitha Sable, and the Kubernetes Security Response Committee

Get the Android app

Or read this on Hacker News

Read more on:

Photo of Score

Score

Photo of nginx

nginx

Related news:

News photo

Nginx Rejects Dark Mode Support For Error Pages

News photo

Score! The original Powerbeats Pro are now $70 off, but the deal gets even better with some freebies from Best Buy

News photo

Nginx: try_files Is Evil Too (2024)

« FCC on the prowl for Huawei and other blocked Chinese makers in America
GM blocks dealers from using Apple CarPlay, Android Auto aftermarket kits »