Lucene search
K

4 matches found

SUSE CVE
SUSE CVE
added 2026/02/07 12:24 a.m.5 views

SUSE CVE-2026-24512

A security issue was discovered in ingress-nginx where the rules.http.paths.path Ingress field can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. Note tha...

8.8CVSS6.6AI score0.00501EPSS
Exploits1References3
CVE
CVE
added 2026/02/03 10:17 p.m.206 views

CVE-2026-24512

Ingress-NGINX Controller vulnerability CVE-2026-24512: the rules.http.paths.path Ingress field can inject configuration into nginx, enabling arbitrary code execution and access to controller-scoped Secrets. Affected versions include k8s.io/ingress-nginx before 1.13.7 and 1.14.x before 1.14.3; rem...

8.8CVSS6.5AI score0.00501EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/02/03 10:17 p.m.33 views

CVE-2026-24512 ingress-nginx auth-method nginx configuration injection

A security issue was discovered in ingress-nginx where the rules.http.paths.path Ingress field can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. Note tha...

8.8CVSS0.00501EPSS
Exploits1References1
Circl
Circl
added 2026/02/02 3:57 p.m.5 views

CVE-2026-24512

creationtimestamp| type| source ---|---|--- 2026-02-02 15:57:33+00:00| seen| https://seclists.org/oss-sec/2026/q1/140 2026-02-03 18:11:43+00:00| seen| https://hachyderm.io/users/ChrisShort/statuses/116008045925159135 2026-02-03 18:11:45+00:00| seen|...

8.8CVSS7.9AI score0.00501EPSS
Exploits1References20
Rows per page
Query Builder