{"uuid": "a071879f-65f9-4e07-89aa-494e3cb99446", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4886", "type": "seen", "source": "https://t.me/KomunitiSiber/999", "content": "Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes\nhttps://thehackernews.com/2023/10/urgent-new-security-flaws-discovered-in.html\n\nThree unpatched high-severity security flaws have been disclosed in the\u00a0NGINX Ingress controller\u00a0for Kubernetes that could be weaponized by a threat actor to steal secret credentials from the cluster.\nThe vulnerabilities are as follows -\u00a0\n\nCVE-2022-4886\u00a0(CVSS score: 8.8) -\u00a0Ingress-nginx\u00a0path sanitization can be bypassed to obtain the credentials of the ingress-nginx controller\nCVE-2023-5043\u00a0(", "creation_timestamp": "2023-10-30T09:02:14.000000Z"}