Lucene search
K

5 matches found

Rapid7 Blog
Rapid7 Blog
added 2025/03/25 4:10 p.m.7 views

Multiple vulnerabilities in Ingress NGINX Controller for Kubernetes

On March 24, 2025, Kubernetes disclosed 5 new vulnerabilities affecting the Ingress NGINX Controller for Kubernetes. Successful exploitation could allow attackers access to all secrets stored across all namespaces in the Kubernetes cluster, which could result in cluster takeover. CVE-2025-1974 9....

9.8CVSS8.2AI score0.99098EPSS
Exploits21
OSV
OSV
added 2025/03/25 12:15 a.m.4 views

CVE-2025-1097

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the auth-tls-match-cn Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of...

8.8CVSS6.2AI score0.34677EPSS
Exploits7References3
Snyk
Snyk
added 2025/03/24 11:43 p.m.4 views

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation through the auth-tls-match-cn annotation. An attacker can execute arbitrary code and disclose sensitive information by injecting malicious configurations. Remediation Upgrade...

8.8CVSS7.3AI score0.34677EPSS
Exploits7References2
Snyk
Snyk
added 2025/03/24 11:43 p.m.4 views

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation through the auth-tls-match-cn annotation. An attacker can execute arbitrary code and disclose sensitive information by injecting malicious configurations. Remediation Upgrade...

8.8CVSS7.3AI score0.34677EPSS
Exploits7References2
CNNVD
CNNVD
added 2025/03/24 12:0 a.m.7 views

Kubernetes ingress-nginx 输入验证错误漏洞

Ingress NGINX Controller is an open source portal controller that uses NGINX as a reverse proxy and load balancer. Ingress NGINX Controller suffers from a remote code execution vulnerability that stems from auth-tls-match-cn Ingress annotations can be used to inject configurations, which could le...

8.8CVSS8.1AI score0.34677EPSS
Exploits7References2
Rows per page
Query Builder