Vulnerabilities tagged "rce"

[Kubernetes] Ingress nginx annotation injection causes arbitrary command execution

This vulnerability impacts kubernetes setups using NGINX as the ingress controller via [ingress-nginx](https://github.com/kubernetes/ingress-nginx). At first I wanted to blame this one on block-listing when they should have used an allow-list, but its not quite that, but it is basically just a missed edge-case that allows for code execution.
 
1
2
3
4