VDB
CVE-2023-5044
CVE-2023-5044
PUBLISHED
Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation.
EPSS 10.61% · 93.4th percentile
Risk Scores
EPSS Score
10.61%
93.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | nginx-ingress-controller | 0 |
| Bitnami | nginx-ingress-controller | 0 |
Timeline
- CVE Published
- Oct 25, 2023 PoC Published
- Oct 26, 2023 EPSS Score
- Oct 26, 2023 PoC Published
- Oct 30, 2023 PoC Published
- Oct 30, 2023 PoC Published
- Nov 1, 2023 PoC Published
- Nov 8, 2023 PoC Published
- Nov 9, 2023 PoC Published
- Jan 9, 2024 PoC Published
- Aug 16, 2024 PoC Published
- Oct 5, 2024 Coalition ESS Score
References
- http://www.openwall.com/lists/oss-security/2023/10/25/3 url
- https://github.com/kubernetes/ingress-nginx/issues/10572 url
- https://groups.google.com/g/kubernetes-security-announce/c/ukuYYvRNel0 url
- https://security.netapp.com/advisory/ntap-20240307-0012/ url
- https://nvd.nist.gov/vuln/detail/CVE-2023-5044 url