SREDevOps.org

Security

Brecha crítica  de seguridad,  usada en miles de entornos, es revelada en nginx-ingress [CVE-2023-5043: annotation injection causes arbitrary command execution]

Brecha crítica de seguridad, usada en miles de entornos, es revelada en nginx-ingress [CVE-2023-5043: annotation injection causes arbitrary command execution]

Si utilizas nginx como ingress controller y mantienes configuraciones via annottations, debes revisar esta alerta publicada en Kubernetess "Official" Google Group:, hoy 25 de Octubre 2023: Issue Details A security issue was identified in ingress-nginx where the nginx.ingress.kubernetes.io/configuration-snippet annotation on an Ingress object (in

Read the full post →