{"vulnerability": "CVE-2022-4886", "sightings": [{"uuid": "2c924006-e5db-4856-b575-e6dbbb3dd3a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2022-48863", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "317213eb-edc5-4d51-90f7-1688c37f0c81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2022-48865", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "e9f2316d-a8ac-49b9-886c-96d448057410", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4886", "type": "seen", "source": "Telegram/MCOtq6YNws1wIQDmkmW4fj5yPvTPQ5hjf1qfUTkU-awDNw", "content": "", "creation_timestamp": "2023-10-30T08:13:06.000000Z"}, {"uuid": "04b36a97-ecee-4a4d-9b6c-6fd8c9a03733", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48862", "type": "seen", "source": "https://t.me/cvedetector/952", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2022-48862 - Linux Kernel Vhost IOTLB Overwrite Vulnerability\", \n \"Content\": \"CVE ID : CVE-2022-48862 \nPublished : July 16, 2024, 1:15 p.m. | 37\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nvhost: fix hung thread due to erroneous iotlb entries \n \nIn vhost_iotlb_add_range_ctx(), range size can overflow to 0 when \nstart is 0 and last is ULONG_MAX. One instance where it can happen \nis when userspace sends an IOTLB message with iova=size=uaddr=0 \n(vhost_process_iotlb_msg). So, an entry with size = 0, start = 0, \nlast = ULONG_MAX ends up in the iotlb. Next time a packet is sent, \niotlb_access_ok() loops indefinitely due to that erroneous entry. \n \n Call Trace: \n \n iotlb_access_ok+0x21b/0x3e0 drivers/vhost/vhost.c:1340 \n vq_meta_prefetch+0xbc/0x280 drivers/vhost/vhost.c:1366 \n vhost_transport_do_send_pkt+0xe0/0xfd0 drivers/vhost/vsock.c:104 \n vhost_worker+0x23d/0x3d0 drivers/vhost/vhost.c:372 \n kthread+0x2e9/0x3a0 kernel/kthread.c:377 \n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295 \n \n \nReported by syzbot at: \n \n \nTo fix this, do two things: \n \n1. Return -EINVAL in vhost_chr_write_iter() when userspace asks to map \n a range with size 0. \n2. Fix vhost_iotlb_add_range_ctx() to handle the range [0, ULONG_MAX] \n by splitting it into two entries. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T16:16:49.000000Z"}, {"uuid": "27417eea-9e0b-423d-994a-3936d9fa47f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48860", "type": "seen", "source": "https://t.me/cvedetector/963", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2022-48860 - Intel Ethernet Vulnerability - Use After Free\", \n \"Content\": \"CVE ID : CVE-2022-48860 \nPublished : July 16, 2024, 1:15 p.m. | 37\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nethernet: Fix error handling in xemaclite_of_probe \n \nThis node pointer is returned by of_parse_phandle() with refcount \nincremented in this function. Calling of_node_put() to avoid the \nrefcount leak. As the remove function do. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T16:17:05.000000Z"}, {"uuid": "24fb29a4-4891-4e98-8436-1d33b2ef0bbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48861", "type": "seen", "source": "https://t.me/cvedetector/955", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2022-48861 - \"Linux Kernel vdpa Use-After-Free Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2022-48861 \nPublished : July 16, 2024, 1:15 p.m. | 37\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nvdpa: fix use-after-free on vp_vdpa_remove \n \nWhen vp_vdpa driver is unbind, vp_vdpa is freed in vdpa_unregister_device \nand then vp_vdpa->mdev.pci_dev is dereferenced in vp_modern_remove, \ntriggering use-after-free. \n \nCall Trace of unbinding driver free vp_vdpa : \ndo_syscall_64 \n vfs_write \n kernfs_fop_write_iter \n device_release_driver_internal \n pci_device_remove \n vp_vdpa_remove \n vdpa_unregister_device \n kobject_release \n device_release \n kfree \n \nCall Trace of dereference vp_vdpa->mdev.pci_dev: \nvp_modern_remove \n pci_release_selected_regions \n pci_release_region \n pci_resource_len \n pci_resource_end \n (dev)->resource[(bar)].end \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T16:16:55.000000Z"}, {"uuid": "e55dcdf3-bb1e-4777-8865-e8963494396f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48863", "type": "seen", "source": "https://t.me/cvedetector/954", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2022-48863 - \"mISDN Kernel Memory Leak\"\", \n \"Content\": \"CVE ID : CVE-2022-48863 \nPublished : July 16, 2024, 1:15 p.m. | 37\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nmISDN: Fix memory leak in dsp_pipeline_build() \n \ndsp_pipeline_build() allocates dup pointer by kstrdup(cfg), \nbut then it updates dup variable by strsep(&dup, \"|\"). \nAs a result when it calls kfree(dup), the dup variable contains NULL. \n \nFound by Linux Driver Verification project (linuxtesting.org) with SVACE. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T16:16:51.000000Z"}, {"uuid": "eb2e7d56-114f-4e02-abc2-c8f04801a6e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48865", "type": "seen", "source": "https://t.me/cvedetector/953", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2022-48865 - Linux Kernel TIPC Null Pointer Dereference Vulnerability\", \n \"Content\": \"CVE ID : CVE-2022-48865 \nPublished : July 16, 2024, 1:15 p.m. | 37\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \ntipc: fix kernel panic when enabling bearer \n \nWhen enabling a bearer on a node, a kernel panic is observed: \n \n[ 4.498085] RIP: 0010:tipc_mon_prep+0x4e/0x130 [tipc] \n... \n[ 4.520030] Call Trace: \n[ 4.520689] \n[ 4.521236] tipc_link_build_proto_msg+0x375/0x750 [tipc] \n[ 4.522654] tipc_link_build_state_msg+0x48/0xc0 [tipc] \n[ 4.524034] __tipc_node_link_up+0xd7/0x290 [tipc] \n[ 4.525292] tipc_rcv+0x5da/0x730 [tipc] \n[ 4.526346] ? __netif_receive_skb_core+0xb7/0xfc0 \n[ 4.527601] tipc_l2_rcv_msg+0x5e/0x90 [tipc] \n[ 4.528737] __netif_receive_skb_list_core+0x20b/0x260 \n[ 4.530068] netif_receive_skb_list_internal+0x1bf/0x2e0 \n[ 4.531450] ? dev_gro_receive+0x4c2/0x680 \n[ 4.532512] napi_complete_done+0x6f/0x180 \n[ 4.533570] virtnet_poll+0x29c/0x42e [virtio_net] \n... \n \nThe node in question is receiving activate messages in another \nthread after changing bearer status to allow message sending/ \nreceiving in current thread: \n \n thread 1 | thread 2 \n -------- | -------- \n | \ntipc_enable_bearer() | \n test_and_set_bit_lock() | \n tipc_bearer_xmit_skb() | \n | tipc_l2_rcv_msg() \n | tipc_rcv() \n | __tipc_node_link_up() \n | tipc_link_build_state_msg() \n | tipc_link_build_proto_msg() \n | tipc_mon_prep() \n | { \n | ... \n | // null-pointer dereference \n | u16 gen = mon->dom_gen; \n | ... \n | } \n // Not being executed yet | \n tipc_mon_create() | \n { | \n ... | \n // allocate | \n mon = kzalloc(); | \n ... | \n } | \n \nMonitoring pointer in thread 2 is dereferenced before monitoring data \nis allocated in thread 1. This causes kernel panic. \n \nThis commit fixes it by allocating the monitoring data before enabling \nthe bearer to receive messages. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T16:16:50.000000Z"}, {"uuid": "972693b5-6b6e-4690-bb0b-44913c69053c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48866", "type": "seen", "source": "https://t.me/cvedetector/951", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2022-48866 - Thrustmaster HID Linux Kernel Slab-Out-Of-Bounds Read Vulnerability\", \n \"Content\": \"CVE ID : CVE-2022-48866 \nPublished : July 16, 2024, 1:15 p.m. | 37\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nHID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts \n \nSyzbot reported an slab-out-of-bounds Read in thrustmaster_probe() bug. \nThe root case is in missing validation check of actual number of endpoints. \n \nCode should not blindly access usb_host_interface::endpoint array, since \nit may contain less endpoints than code expects. \n \nFix it by adding missing validaion check and print an error if \nnumber of endpoints do not match expected number \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T16:16:48.000000Z"}, {"uuid": "06eb53b8-775e-4211-8244-3f279469545f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48864", "type": "seen", "source": "https://t.me/cvedetector/950", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2022-48864 - \"Melanox VDPA Linux Kernel Unvalidated Queue Pair Configuration Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2022-48864 \nPublished : July 16, 2024, 1:15 p.m. | 37\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nvdpa/mlx5: add validation for VIRTIO_NET_CTRL_MQ_VQ_PAIRS_SET command \n \nWhen control vq receives a VIRTIO_NET_CTRL_MQ_VQ_PAIRS_SET command \nrequest from the driver, presently there is no validation against the \nnumber of queue pairs to configure, or even if multiqueue had been \nnegotiated or not is unverified. This may lead to kernel panic due to \nuninitialized resource for the queues were there any bogus request \nsent down by untrusted driver. Tie up the loose ends there. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T16:16:47.000000Z"}, {"uuid": "e205df10-d50e-41d3-b5cb-7cf61319495b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4886", "type": "seen", "source": "https://t.me/arpsyndicate/44", "content": "#ExploitObserverAlert\n\nCVE-2022-4886\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-4886. Ingress-nginx `path` sanitization can be bypassed with `log_format` directive.\n\nFIRST-EPSS: 0.000750000\nNVD-IS: 3.6\nNVD-ES: 2.8", "creation_timestamp": "2023-11-10T20:00:56.000000Z"}, {"uuid": "aeb75a3f-bdf3-4989-80be-c704bdb99b26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4886", "type": "seen", "source": "https://t.me/arpsyndicate/40", "content": "#ExploitObserverAlert\n\nCVE-2022-4886\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-4886. Ingress-nginx `path` sanitization can be bypassed with `log_format` directive.\n\nFIRST-EPSS: 0.000750000\nNVD-IS: 3.6\nNVD-ES: 2.8", "creation_timestamp": "2023-11-10T14:06:57.000000Z"}, {"uuid": "f36c45e5-bf90-4fab-b1e1-20210fe806c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4886", "type": "seen", "source": "https://t.me/arpsyndicate/675", "content": "#ExploitObserverAlert\n\nCVE-2022-4886\n\nDESCRIPTION: Exploit Observer has 6 entries related to CVE-2022-4886. Ingress-nginx `path` sanitization can be bypassed with `log_format` directive.\n\nFIRST-EPSS: 0.000750000\nNVD-IS: 3.6\nNVD-ES: 2.8", "creation_timestamp": "2023-11-29T05:49:54.000000Z"}, {"uuid": "a071879f-65f9-4e07-89aa-494e3cb99446", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4886", "type": "seen", "source": "https://t.me/KomunitiSiber/999", "content": "Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes\nhttps://thehackernews.com/2023/10/urgent-new-security-flaws-discovered-in.html\n\nThree unpatched high-severity security flaws have been disclosed in the\u00a0NGINX Ingress controller\u00a0for Kubernetes that could be weaponized by a threat actor to steal secret credentials from the cluster.\nThe vulnerabilities are as follows -\u00a0\n\nCVE-2022-4886\u00a0(CVSS score: 8.8) -\u00a0Ingress-nginx\u00a0path sanitization can be bypassed to obtain the credentials of the ingress-nginx controller\nCVE-2023-5043\u00a0(", "creation_timestamp": "2023-10-30T09:02:14.000000Z"}, {"uuid": "d255417e-2ecb-4ccc-ba13-3bb8dfaa1c3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4886", "type": "seen", "source": "https://t.me/true_secator/5023", "content": "\u0412 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0435 NGINX \u0434\u043b\u044f Kubernetes \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0442\u0440\u0438 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0441\u0435\u043a\u0440\u0435\u0442\u043d\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u0437 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430.\n\n\u0421\u0440\u0435\u0434\u0438 \u043d\u0438\u0445:\n- CVE-2022-4886\u00a0(\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8,8): \u043e\u0431\u0445\u043e\u0434 \u043e\u0447\u0438\u0441\u0442\u043a\u0438 \u043f\u0443\u0442\u0438 Ingress-nginx\u00a0\u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 Ingress-nginx;\n- CVE-2023-5043\u00a0(\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 7,6): \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u0430\u043d\u043d\u043e\u0442\u0430\u0446\u0438\u0438 Ingress-nginx \u0432\u044b\u0437\u044b\u0432\u0430\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u043a\u043e\u043c\u0430\u043d\u0434\u044b.\n- CVE-2023-5044\u00a0(\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 7,6): \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0447\u0435\u0440\u0435\u0437 \u0430\u043d\u043d\u043e\u0442\u0430\u0446\u0438\u044e nginx.ingress.kubernetes[.io]/permanent-redirect.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u0435\u0442 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u043e\u0431\u044a\u0435\u043a\u0442\u0430 Ingress, \u0443\u043a\u0440\u0430\u0441\u0442\u044c \u0441\u0435\u043a\u0440\u0435\u0442\u043d\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430.\n\nCVE-2022-4886 \u0438\u0437-\u0437\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0432 \u043f\u043e\u043b\u0435 \u00abspec.rules[].http.paths[].path\u00bb \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u0438\u043c\u0435\u044e\u0449\u0435\u043c\u0443 \u0434\u043e\u0441\u0442\u0443\u043f \u043a Ingress, \u0441\u043a\u0430\u0447\u0438\u0432\u0430\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 API Kubernetes \u0438\u0437 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430.\n\n\u0412\u00a0\u043e\u0431\u044a\u0435\u043a\u0442\u0435 Ingress\u00a0\u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440 \u043c\u043e\u0436\u0435\u0442 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c, \u043a\u0430\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u0439 \u043f\u0443\u0442\u044c HTTP \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0430 \u043a\u0430\u043a\u043e\u0439 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0439 \u043f\u0443\u0442\u044c.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043d\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442 \u0434\u043e\u043b\u0436\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0434\u043e\u0441\u0442\u043e\u0432\u0435\u0440\u043d\u043e\u0441\u0442\u044c \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0433\u043e \u043f\u0443\u0442\u0438 \u0438 \u043c\u043e\u0436\u0435\u0442 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0442\u044c \u043d\u0430 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0439 \u0444\u0430\u0439\u043b, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0442\u043e\u043a\u0435\u043d \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0441\u043b\u0443\u0436\u0431\u044b \u0434\u043b\u044f \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043a\u043b\u0438\u0435\u043d\u0442\u0430 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 API.\n\n\u0412 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u041f\u041e \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0432 \u0441\u0435\u0431\u044f \u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u044e \u043e\u043f\u0446\u0438\u0438 \u00abstrict-validate-path-type\u00bb \u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0443 \u0444\u043b\u0430\u0433\u0430 --enable-annotation-validation, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u0435\u0434\u043e\u0442\u0432\u0440\u0430\u0442\u0438\u0442\u044c \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0435 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432 Ingress \u0441 \u043d\u0435\u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u044b\u043c\u0438 \u0441\u0438\u043c\u0432\u043e\u043b\u0430\u043c\u0438 \u0438 \u0432\u0432\u0435\u0441\u0442\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f.\n\n\u0412 ARMO \u0437\u0430\u044f\u0432\u0438\u043b\u0438, \u0447\u0442\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 NGINX \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1.19, \u043d\u0430\u0440\u044f\u0434\u0443 \u0441 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438 \u00ab--enable-annotation-validation\u00bb, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 CVE-2023-5043 \u0438 CVE-2023-5044.", "creation_timestamp": "2023-10-30T17:00:07.000000Z"}, {"uuid": "6239932e-7aed-4446-82a2-b01a722c3d04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4886", "type": "seen", "source": "https://t.me/ctinow/202623", "content": "https://ift.tt/xhTKwyR\nCVE-2022-4886 Ingress nginx Vulnerability in NetApp Products", "creation_timestamp": "2024-03-07T18:32:21.000000Z"}, {"uuid": "2037f5aa-84bc-43a3-8e9d-2dff78a4168b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4886", "type": "seen", "source": "https://t.me/cibsecurity/72908", "content": "\u203c CVE-2022-4886 \u203c\n\nIngress-nginx `path` sanitization can be bypassed with `log_format` directive.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-26T00:39:16.000000Z"}]}