CVE-2022-4886
CVE Details
Visit the official vulnerability details page for CVE-2022-4886 to learn more.
Initial Publication
10/25/2023
Last Update
02/13/2025
Third Party Dependency
k8s.io/ingress-nginx
NIST CVE Summary
Ingress-nginx `path` sanitization can be bypassed with `log_format` directive.
CVE Severity
Our Official Summary
Investigation is ongoing to determine how this vulnerability affects our products.
Status
Modified
Affected Products & Versions
| Version | PaletteAI | PaletteAI VerteX |
|---|---|---|
| 0.7.1 | ⚠️ Impacted | ⚠️ Impacted |
| 0.6.6 | ⚠️ Impacted | ⚠️ Impacted |
| 0.5.11 | ⚠️ Impacted | ⚠️ Impacted |
Revision History
No revisions available.