Multiple vulnerabilities in Ingress NGINX Controller for Kubernetes
On March 24, 2025, Kubernetes disclosed 5 new vulnerabilities affecting the Ingress NGINX Controller for Kubernetes. Successful exploitation could allow attackers access to all secrets stored across all namespaces in the Kubernetes cluster, which could result in cluster takeover. CVE-2025-1974 9....
CVE-2025-1097
A flaw was found in ingress-nginx (https://github.com/kubernetes/ingress-nginx) where the auth-tls-match-cn Ingress annotation can be used to inject configuration into nginx. This issue can lead to arbitrary code execution in the context of the ingress-nginx controller and disclosure of Secrets...
GHSA-VG63-W3P9-JC9M ingress-nginx controller - configuration injection via unsanitized mirror annotations
A security issue was discovered in ingress-nginx where the mirror-target and mirror-host Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to...
ingress-nginx controller - configuration injection via unsanitized mirror annotations
A security issue was discovered in ingress-nginx where the mirror-target and mirror-host Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to...
GHSA-823X-FV5P-H7HW ingress-nginx controller - configuration injection via unsanitized auth-tls-match-cn annotation
A security issue was discovered in ingress-nginx where the auth-tls-match-cn Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. Note th...
GHSA-FWWP-XCXW-39VQ ingress-nginx controller - configuration injection via unsanitized auth-url annotation
A security issue was discovered in ingress-nginx where the auth-url Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. Note that in the...
ingress-nginx controller - configuration injection via unsanitized auth-url annotation
A security issue was discovered in ingress-nginx where the auth-url Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. Note that in the...
ingress-nginx controller - configuration injection via unsanitized auth-tls-match-cn annotation
A security issue was discovered in ingress-nginx where the auth-tls-match-cn Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. Note th...
CVE-2025-24514
A security issue was discovered in ingress-nginx (https://github.com/kubernetes/ingress-nginx) where the auth-url Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets...
CVE-2025-1098
A security issue was discovered in ingress-nginx (https://github.com/kubernetes/ingress-nginx) where the mirror-target and mirror-host Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx...
CVE-2025-1097
A security issue was discovered in ingress-nginx (https://github.com/kubernetes/ingress-nginx) where the auth-tls-match-cn Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of...
Improper Input Validation
Overview: Affected versions of this package are vulnerable to Improper Input Validation through the auth-url annotation, which can be used to inject configuration into nginx. Remediation: Upgrade github.com/kubernetes/ingress-nginx/internal/ingress/annotations/auth to version 1.11.5, 1.12.1, 4.11.5,...
CVE-2025-24514 ingress-nginx controller - configuration injection via unsanitized auth-url annotation
A security issue was discovered in ingress-nginx (https://github.com/kubernetes/ingress-nginx) where the auth-url Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets...
CVE-2025-1098 ingress-nginx controller - configuration injection via unsanitized mirror annotations
A security issue was discovered in ingress-nginx (https://github.com/kubernetes/ingress-nginx) where the mirror-target and mirror-host Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx...
CVE-2025-1098
CVE-2025-1098 affects the Ingress-NGINX Controller (Admission Controller) used in Kubernetes. The vulnerability arises from the mirror-target/mirror-host annotations, which can inject arbitrary configuration into nginx, enabling arbitrary code execution in the ingress-nginx process and potential ...
CVE-2025-1097
Ingress-NGINX CVE-2025-1097 allows configuration injection via the auth-tls-match-cn annotation, enabling arbitrary code execution in the ingress-nginx controller and potential disclosure of Secrets. The exploit is demonstrated against Ingress-NGINX Admission Controller versions up to at least 1....
EUVD-2025-8034
A security issue was discovered in ingress-nginx (https://github.com/kubernetes/ingress-nginx) where the auth-tls-match-cn Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of...
CVE-2025-1097 ingress-nginx controller - configuration injection via unsanitized auth-tls-match-cn annotation
A security issue was discovered in ingress-nginx (https://github.com/kubernetes/ingress-nginx) where the auth-tls-match-cn Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of...