📦 Nginx Ingress Controller

A vulnerability in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation allows path traversal attacks. This affects Kubernetes clusters using NGINX Ingress Controller with the vul...

CVE-2023-44487 is an HTTP/2 protocol vulnerability that allows attackers to cause denial of service by rapidly resetting streams, consuming server resources. This affects any system using HTTP/2, incl...

A vulnerability in NGINX OSS and NGINX Plus allows attackers in a man-in-the-middle position on the upstream server side to inject plain text data into responses from proxied TLS servers. This affects...

A session fixation vulnerability in NGINX OpenID Connect reference implementation allows attackers to bind a victim's session to an attacker-controlled account by exploiting missing nonce validation d...