Regarding current vulnerabilities in NGINX CVE-2023-5043/CVE-2022-4886/ #4611
-
|
Hi All, We are running nginxinc open source version we would like to know if above vulnerability is applicable here as well ? kubernetes/ingress-nginx#10571 Above talks about chrooted and annotation injection whereas nginxinc runs as 101 nginx user is above appicable ?. Btw we are using nginx for only udp traffic. It will help a lot if someone can share input on the same. rgds |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
Btw above are from |
Beta Was this translation helpful? Give feedback.
-
|
There is a blog post that covers this topic: https://www.nginx.com/blog/which-nginx-ingress-controllers-are-impacted-by-cve-2022-4886-cve-2023-5043-and-cve-2023-5044/ In short, these vulnerabilities only apply to the community version. |
Beta Was this translation helpful? Give feedback.
Hi @ThenmozhiBalaji
There is a blog post that covers this topic: https://www.nginx.com/blog/which-nginx-ingress-controllers-are-impacted-by-cve-2022-4886-cve-2023-5043-and-cve-2023-5044/
In short, these vulnerabilities only apply to the community version.