11 matches found
SUSE CVE-2025-1097
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the auth-tls-match-cn Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of...
Multiple vulnerabilities in Ingress NGINX Controller for Kubernetes
On March 24, 2025, Kubernetes disclosed 5 new vulnerabilities affecting the Ingress NGINX Controller for Kubernetes. Successful exploitation could allow attackers access to all secrets stored across all namespaces in the Kubernetes cluster, which could result in cluster takeover. CVE-2025-1974 9....
CVE-2025-1097
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the auth-tls-match-cn Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation through the auth-tls-match-cn annotation. An attacker can execute arbitrary code and disclose sensitive information by injecting malicious configurations. Remediation Upgrade...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation through the auth-tls-match-cn annotation. An attacker can execute arbitrary code and disclose sensitive information by injecting malicious configurations. Remediation Upgrade...
Kubernetes ingress-nginx 输入验证错误漏洞
Ingress NGINX Controller is an open source portal controller that uses NGINX as a reverse proxy and load balancer. Ingress NGINX Controller suffers from a remote code execution vulnerability that stems from auth-tls-match-cn Ingress annotations can be used to inject configurations, which could le...
SSL/TLS: FTP Missing Support For AUTH TLS
The remote FTP server does not support the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribu...
[SECURITY] Fedora 14 Update: postfix-2.7.4-1.fc14
Postfix is a Mail Transport Agent MTA, supporting LDAP, SMTP AUTH SASL, TLS...
FTP Service AUTH TLS Plaintext Command Injection
The remote FTP server contains a software flaw in its AUTH TLS implementation that could allow a remote, unauthenticated attacker to inject commands during the plaintext protocol phase that will be executed during the ciphertext protocol phase. Successful exploitation could permit an attacker to...
RedHat Update for postfix RHSA-2011:0422-01
Check for the Version of postfix OpenVAS Vulnerability Test RedHat Update for postfix RHSA-2011:0422-01 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
FTP Service AUTH TLS Command Support
The remote FTP service supports the use of the 'AUTH TLS' command to switch from a cleartext to an encrypted communications channel. TRUSTED...