Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

ASA-202111-7 - log back

ASA-202111-7 edited at 19 Nov 2021 09:49:53

Workaround

-	This issue cannot be fixed solely by upgrading kubectl-ingress-nginx. To mitigate, set allow-snippet-annotations to false in your ingress-nginx ConfigMap based on how you deploy ingress-nginx, see the references for more information.
+	This issue cannot be fixed solely by upgrading kubectl-ingress-nginx.
+	To mitigate, set allow-snippet-annotations to false in your ingress-
+	nginx ConfigMap based on how you deploy ingress-nginx, see the
+	references for more information.

ASA-202111-7 edited at 18 Nov 2021 10:28:42

Workaround

+	This issue cannot be fixed solely by upgrading kubectl-ingress-nginx. To mitigate, set allow-snippet-annotations to false in your ingress-nginx ConfigMap based on how you deploy ingress-nginx, see the references for more information.

Impact

+	An authenticated remote attacker could disclose all secrets in the cluster.

ASA-202111-7 created at 18 Nov 2021 10:26:56