Ingress-Nginx Controller - Configuration Injection via Unsanitized Mirror Annotations

A security issue was discovered in ingress-nginx https-//github.com/kubernetes/ingress-nginx where the mirror-target and mirror-host Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx...

CVE-2026-1098

creationtimestamp| type| source ---|---|--- 2026-01-24 11:03:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3md62wkuoyf2g...

EUVD-2026-1098

EUVD-2026-1098...

ECHO-DF9B-1098-6E42

Bulletin has no description...

EUVD-2016-1098

Malware in sbrugna...

CVE-2013-3693

The BlackBerry Universal Device Service in BlackBerry Enterprise Service BES 10.0 through 10.1.2 does not properly restrict access to the JBoss Remote Method Invocation RMI interface, which allows remote attackers to upload and execute arbitrary packages via a request to port 1098...

CVE-2019-1098

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1094, CVE-2019-1095, CVE-2019-1099, CVE-2019-1100, CVE-2019-1101, CVE-2019-111...

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.2-ifix1 Vulnerability Details CVEID:CVE-2025-1974 DESCRIPTION: A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve...

CVE-2025-1098 vulnerabilities

Vulnerabilities for packages: ingress-nginx-controller...

CVE-2025-1098 vulnerabilities

Vulnerabilities for packages: ingress-nginx-controller, ingress-nginx-controller-fips...

K000150538: Kubernetes ingress-nginx vulnerabilities CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, and CVE-2025-24514

Security Advisory Description CVE-2025-1097 also known as IngressNightmare A security issue was discovered in ingress-nginx https : //github . com/kubernetes/ingress-nginx where the auth-tls-match-cn Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary cod...

CVE-2025-1098 ingress-nginx controller - configuration injection via unsanitized mirror annotations

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the mirror-target and mirror-host Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx...

CVE-2025-1098

CVE-2025-1098 affects the Ingress-NGINX Controller (Admission Controller) used in Kubernetes. The vulnerability arises from the mirror-target/mirror-host annotations, which can inject arbitrary configuration into nginx, enabling arbitrary code execution in the ingress-nginx process and potential ...

CVE-2025-1098 ingress-nginx controller - configuration injection via unsanitized mirror annotations

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the mirror-target and mirror-host Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx...

CVE-2025-1098

creationtimestamp| type| source ---|---|--- 2025-03-24 17:55:00+00:00| seen| https://thehackernews.com/2025/03/critical-ingress-nginx-controller.html 2025-03-24 21:56:48+00:00| seen| https://bsky.app/profile/lookitup.baby/post/3ll5qr5t6uk2k 2025-03-24 22:01:06+00:00| seen|...

Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller

Ingress Controllers play a critical role within Kubernetes clusters by enabling the functionality of Ingress resources. Azure Kubernetes Service AKS is aware of several security vulnerabilities affecting the Kubernetes ingress-nginx controller, including CVE-2025-1098, CVE-2025-1974, CVE-2025-109...

Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller

Ingress Controllers play a critical role within Kubernetes clusters by enabling the functionality of Ingress resources. Azure Kubernetes Service AKS is aware of several security vulnerabilities affecting the Kubernetes ingress-nginx controller, including CVE-2025-1098, CVE-2025-1974, CVE-2025-109...

Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller

Ingress Controllers play a critical role within Kubernetes clusters by enabling the functionality of Ingress resources. Azure Kubernetes Service AKS is aware of several security vulnerabilities affecting the Kubernetes ingress-nginx controller, including CVE-2025-1098, CVE-2025-1974, CVE-2025-109...

Linux Distros Unpatched Vulnerability : CVE-2018-1098

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. An attacker can set up a website that tries to send a POST request to the etcd server and...

Linux Distros Unpatched Vulnerability : CVE-2011-1098

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Race condition in the createOutputFile function in logrotate.c in logrotate 3.7.9 and earlier allows local users to read log data by opening a file before the...