CVE-2022-4886 Information

Description

Ingress-nginx path sanitization can be bypassed with log_format directive.

Reference

https://github.com/kubernetes/ingress-nginx/issues/10570 https://groups.google.com/g/kubernetes-security-announce/c/ge7u3qCwZLI http://www.openwall.com/lists/oss-security/2023/10/25/5