Lucene search
+L

12 matches found

nuclei
nuclei
added 9 hours ago46 views

Ingress-Nginx Controller - Configuration Injection via Unsanitized Mirror Annotations

A security issue was discovered in ingress-nginx https-//github.com/kubernetes/ingress-nginx where the mirror-target and mirror-host Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx...

8.8CVSS6.9AI score0.83066EPSS
Exploits7References3
ibm
ibm
added 2025/04/29 2:40 a.m.75 views

Security Bulletin: Multiple Vulnerabilities in IBM API Connect

Summary Multiple vulnerabilities were addressed in IBM API Connect version 10.0.8.2-ifix1 Vulnerability Details CVEID:CVE-2025-1974 DESCRIPTION: A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve...

9.8CVSS9.8AI score0.99098EPSS
Exploits26Affected Software1
wolfi
wolfi
added 2025/03/26 10:43 p.m.48 views

CVE-2025-1098 vulnerabilities

Vulnerabilities for packages: ingress-nginx-controller...

8.8CVSS7.5AI score0.83066EPSS
Exploits7
cgr
cgr
added 2025/03/26 10:13 p.m.24 views

CVE-2025-1098 vulnerabilities

Vulnerabilities for packages: ingress-nginx-controller, ingress-nginx-controller-fips...

8.8CVSS6.6AI score0.83066EPSS
Exploits7
f5
f5
added 2025/03/25 6:29 p.m.44 views

K000150538: Kubernetes ingress-nginx vulnerabilities CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, and CVE-2025-24514

Security Advisory Description CVE-2025-1097 also known as IngressNightmare A security issue was discovered in ingress-nginx https : //github . com/kubernetes/ingress-nginx where the auth-tls-match-cn Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary cod...

9.8CVSS6.8AI score0.99098EPSS
Exploits21
cvelist
cvelist
added 2025/03/24 11:29 p.m.327 views

CVE-2025-1098 ingress-nginx controller - configuration injection via unsanitized mirror annotations

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the mirror-target and mirror-host Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx...

8.8CVSS0.83066EPSS
Exploits7References1
cve
cve
added 2025/03/24 11:29 p.m.421 views

CVE-2025-1098

CVE-2025-1098 affects the Ingress-NGINX Controller (Admission Controller) used in Kubernetes. The vulnerability arises from the mirror-target/mirror-host annotations, which can inject arbitrary configuration into nginx, enabling arbitrary code execution in the ingress-nginx process and potential ...

8.8CVSS7.9AI score0.83066EPSS
Exploits7References3
vulnrichment
vulnrichment
added 2025/03/24 11:29 p.m.13 views

CVE-2025-1098 ingress-nginx controller - configuration injection via unsanitized mirror annotations

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the mirror-target and mirror-host Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx...

8.8CVSS7.9AI score0.83066EPSS
Exploits7References1
circl
circl
added 2025/03/24 5:55 p.m.9 views

CVE-2025-1098

creationtimestamp| type| source ---|---|--- 2025-03-24 17:55:00+00:00| seen| https://thehackernews.com/2025/03/critical-ingress-nginx-controller.html 2025-03-24 21:56:48+00:00| seen| https://bsky.app/profile/lookitup.baby/post/3ll5qr5t6uk2k 2025-03-24 22:01:06+00:00| seen|...

8.8CVSS6.5AI score0.83066EPSS
Exploits7References55
mscve
mscve
added 2025/03/24 7:0 a.m.31 views

Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller

Ingress Controllers play a critical role within Kubernetes clusters by enabling the functionality of Ingress resources. Azure Kubernetes Service AKS is aware of several security vulnerabilities affecting the Kubernetes ingress-nginx controller, including CVE-2025-1098, CVE-2025-1974, CVE-2025-109...

9.8CVSS7.5AI score0.99098EPSS
Exploits21
mscve
mscve
added 2025/03/24 7:0 a.m.65 views

Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller

Ingress Controllers play a critical role within Kubernetes clusters by enabling the functionality of Ingress resources. Azure Kubernetes Service AKS is aware of several security vulnerabilities affecting the Kubernetes ingress-nginx controller, including CVE-2025-1098, CVE-2025-1974, CVE-2025-109...

9.8CVSS7.5AI score0.99098EPSS
Exploits21
mscve
mscve
added 2025/03/24 7:0 a.m.21 views

Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller

Ingress Controllers play a critical role within Kubernetes clusters by enabling the functionality of Ingress resources. Azure Kubernetes Service AKS is aware of several security vulnerabilities affecting the Kubernetes ingress-nginx controller, including CVE-2025-1098, CVE-2025-1974, CVE-2025-109...

9.8CVSS7.5AI score0.99098EPSS
Exploits21
Rows per page
Query Builder