CVE-2021-23055

Summary

On version 2.x before 2.0.3 and 1.x before 1.12.3, the command line restriction that controls snippet use with NGINX Ingress Controller does not apply to Ingress objects. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Affected Software

VendorProductVersion RangeStatus
n/aNGINX Ingress Controller2.x before 2.0.3 and 1.x before 1.12.3affected

Weaknesses

  • CWE-732: CWE-732

ADP Enrichment

CVE Program Container

Additional References

References