Vulnerabilities > F5 > Nginx Ingress Controller > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-06 | CVE-2024-10318 | Session Fixation vulnerability in F5 products A session fixation issue was discovered in the NGINX OpenID Connect reference implementation, where a nonce was not checked at login time. | 5.4 |
| 2022-08-04 | CVE-2022-30535 | Improper Input Validation vulnerability in F5 Nginx Ingress Controller In versions 2.x before 2.3.0 and all versions of 1.x, An attacker authorized to create or update ingress objects can obtain the secrets available to the NGINX Ingress Controller. | 6.5 |
| 2022-04-21 | CVE-2021-23055 | Unspecified vulnerability in F5 Nginx Ingress Controller On version 2.x before 2.0.3 and 1.x before 1.12.3, the command line restriction that controls snippet use with NGINX Ingress Controller does not apply to Ingress objects. | 6.5 |