CVE-2022-4886

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-4886

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-4886.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-4886

Aliases

Related

CGA-m5f5-q2jp-fq5g

Published

2023-10-25T20:15:09.790Z

Modified

2026-02-05T13:14:46.948052Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Ingress-nginx path sanitization can be bypassed with log_format directive.

References

Affected packages

Git / github.com/kubernetes/ingress-nginx

Affected ranges

Type: GIT
Repo: https://github.com/kubernetes/ingress-nginx
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

3476232f5c38383dd157ddaff3b4c7cebd57284e

Affected versions

controller-v0.*

controller-v0.34.0

controller-v0.34.1

controller-v0.35.0

controller-v0.40.0

controller-v0.40.1

controller-v0.40.2

controller-v0.41.0

controller-v0.41.1

controller-v0.41.2

controller-v0.42.0

controller-v0.43.0

controller-v0.44.0

controller-v0.45.0

controller-v0.46.0

controller-v0.47.0

controller-v0.48.1

controller-v0.49.0

controller-v1.*

controller-v1.0.0

controller-v1.0.1

controller-v1.0.2

controller-v1.0.3

controller-v1.0.4

controller-v1.0.5

controller-v1.1.0

controller-v1.1.1

controller-v1.1.2

controller-v1.1.3

controller-v1.2.0

controller-v1.2.0-beta.0

controller-v1.2.0-beta.1

controller-v1.2.1

controller-v1.3.0

controller-v1.3.1

controller-v1.4.0

controller-v1.5.1

controller-v1.6.4

controller-v1.7.0

controller-v1.7.1

helm-chart-3.*

helm-chart-3.16.0

helm-chart-3.16.1

helm-chart-3.17.0

helm-chart-3.18.0

helm-chart-3.19.0

helm-chart-3.20.0

helm-chart-3.20.1

helm-chart-3.21.0

helm-chart-3.22.0

helm-chart-3.23.0

helm-chart-3.24.0

helm-chart-3.25.0

helm-chart-3.26.0

helm-chart-3.27.0

helm-chart-3.28.0

helm-chart-3.29.0

helm-chart-3.30.0

helm-chart-3.31.0

helm-chart-3.32.0

helm-chart-3.33.0

helm-chart-3.34.0

helm-chart-3.35.0

helm-chart-3.36.0

helm-chart-4.*

helm-chart-4.0.1

helm-chart-4.0.10

helm-chart-4.0.11

helm-chart-4.0.12

helm-chart-4.0.13

helm-chart-4.0.15

helm-chart-4.0.16

helm-chart-4.0.17

helm-chart-4.0.18

helm-chart-4.0.19

helm-chart-4.0.2

helm-chart-4.0.3

helm-chart-4.0.4

helm-chart-4.0.5

helm-chart-4.0.6

helm-chart-4.0.7

helm-chart-4.0.8

helm-chart-4.0.9

helm-chart-4.1.0

helm-chart-4.1.0-beta.0

helm-chart-4.1.0-beta.1

helm-chart-4.1.1

helm-chart-4.1.2

helm-chart-4.1.3

helm-chart-4.1.4

helm-chart-4.2.0

helm-chart-4.2.1

helm-chart-4.2.2

helm-chart-4.2.3

helm-chart-4.2.4

helm-chart-4.2.5

helm-chart-4.3.0

helm-chart-4.4.0

helm-chart-4.4.2

helm-chart-4.5.0

helm-chart-4.5.2

helm-chart-4.6.0

helm-chart-4.6.1

ingress-nginx-2.*

ingress-nginx-2.0.0

ingress-nginx-2.0.1

ingress-nginx-2.0.2

ingress-nginx-2.0.3

ingress-nginx-2.1.0

ingress-nginx-2.10.0

ingress-nginx-2.11.0

ingress-nginx-2.11.1

ingress-nginx-2.11.2

ingress-nginx-2.11.3

ingress-nginx-2.12.0

ingress-nginx-2.12.1

ingress-nginx-2.13.0

ingress-nginx-2.14.0

ingress-nginx-2.15.0

ingress-nginx-2.16.0

ingress-nginx-2.2.0

ingress-nginx-2.3.0

ingress-nginx-2.4.0

ingress-nginx-2.5.0

ingress-nginx-2.6.0

ingress-nginx-2.7.0

ingress-nginx-2.7.1

ingress-nginx-2.8.0

ingress-nginx-2.9.0

ingress-nginx-2.9.1

ingress-nginx-3.*

ingress-nginx-3.0.0

ingress-nginx-3.1.0

ingress-nginx-3.10.0

ingress-nginx-3.10.1

ingress-nginx-3.11.0

ingress-nginx-3.11.1

ingress-nginx-3.12.0

ingress-nginx-3.13.0

ingress-nginx-3.15.0

ingress-nginx-3.15.1

ingress-nginx-3.15.2

ingress-nginx-3.2.0

ingress-nginx-3.3.0

ingress-nginx-3.3.1

ingress-nginx-3.4.0

ingress-nginx-3.4.1

ingress-nginx-3.5.0

ingress-nginx-3.5.1

ingress-nginx-3.6.0

ingress-nginx-3.7.0

ingress-nginx-3.7.1

ingress-nginx-3.8.0

ingress-nginx-3.9.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-4886.json"