428 matches found
Ingress-Nginx Controller - Configuration Injection via Unsanitized `auth-tls-match-cn` Annotation
A security issue was discovered in ingress-nginx https-//github.com/kubernetes/ingress-nginx where the auth-tls-match-cn Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of...
Ingress-Nginx Controller - Configuration Injection via Unsanitized `auth-url` Annotation
A security issue was discovered in ingress-nginx https-//github.com/kubernetes/ingress-nginx where the auth-url Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets...
Ingress-Nginx Controller - Configuration Injection via Unsanitized Mirror Annotations
A security issue was discovered in ingress-nginx https-//github.com/kubernetes/ingress-nginx where the mirror-target and mirror-host Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx...
CLEANSTART-2026-HJ99696 Security fixes for CVE-2026-25680, CVE-2026-25681, CVE-2026-27136, CVE-2026-27145, CVE-2026-39821, CVE-2026-39824, CVE-2026-42502, CVE-2026-42504, CVE-2026-42506, CVE-2026-42507 applied in versions: 1.14.5-r1
Multiple security vulnerabilities affect the ingress-nginx-controller-1.14 package. These issues are resolved in later releases. See references for individual vulnerability details...
GHSA-XCGV-8MV7-V8C7 vulnerabilities
Vulnerabilities for packages: containerd, harbor-fips, harbor, rekor-fips, keda-fips, reports-server, traefik-fips, knative-serving-fips, cerbos-fips, kubernetes, snyk-cli, kube-state-metrics, podman, k8s-device-plugin, kyverno, vault-fips, zarf, tekton-pipelines-fips, consul-fips,...
CVE-2026-24513 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
CVE-2026-24512 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
CVE-2026-1580 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
GHSA-9H3P-52VH-959W vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
CVE-2026-24514 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
GHSA-2PF9-VR92-6H3V vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
GHSA-JX8C-56MG-H6VP vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
GHSA-4G2F-XCPH-2335 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
CVE-2026-1580 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller-fips, ingress-nginx-controller...
CVE-2026-24513 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller-fips, ingress-nginx-controller...
GHSA-2PF9-VR92-6H3V vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller-fips, ingress-nginx-controller...
GHSA-9H3P-52VH-959W vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller-fips, ingress-nginx-controller...
GHSA-JX8C-56MG-H6VP vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller-fips, ingress-nginx-controller...
CVE-2026-24514 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller-fips, ingress-nginx-controller...
GHSA-4G2F-XCPH-2335 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller-fips, ingress-nginx-controller...