399 matches found
Ingress-Nginx Controller - Configuration Injection via Unsanitized `auth-url` Annotation
A security issue was discovered in ingress-nginx https-//github.com/kubernetes/ingress-nginx where the auth-url Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets...
Ingress-Nginx Controller - Configuration Injection via Unsanitized `auth-tls-match-cn` Annotation
A security issue was discovered in ingress-nginx https-//github.com/kubernetes/ingress-nginx where the auth-tls-match-cn Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of...
Ingress-Nginx Controller - Configuration Injection via Unsanitized Mirror Annotations
A security issue was discovered in ingress-nginx https-//github.com/kubernetes/ingress-nginx where the mirror-target and mirror-host Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx...
GHSA-78JW-WW3G-9WP7 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller-fips, ingress-nginx-controller...
GHSA-2388-JP8V-FG9W vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller-fips, ingress-nginx-controller...
CVE-2026-48142 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller-fips, ingress-nginx-controller...
CVE-2026-42055 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller-fips, ingress-nginx-controller...
CVE-2026-48142 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
CVE-2026-42055 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
GHSA-78JW-WW3G-9WP7 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
GHSA-2388-JP8V-FG9W vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
CVE-2026-54762
Traefik is an HTTP reverse proxy and load balancer. From 3.7.0-ea.1 until 3.7.5, there is a medium severity vulnerability in Traefik's Kubernetes Ingress NGINX provider that causes affected routes to fail open. When an Ingress explicitly enables BasicAuth or DigestAuth through the supported...
CVE-2026-54762
Traefik is an HTTP reverse proxy and load balancer. From 3.7.0-ea.1 until 3.7.5, there is a medium severity vulnerability in Traefik's Kubernetes Ingress NGINX provider that causes affected routes to fail open. When an Ingress explicitly enables BasicAuth or DigestAuth through the supported...
openSUSE 16 Security Update : syft (openSUSE-SU-2026:20928-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20928-1 advisory. Changes in syft: - Update to version 1.45.0: Added Features - Add support for ZapAddOns as jar files 4654 4932 @douglasclarke - MySQL binary classifier...
OPENSUSE-SU-2026:20928-1 Security update for syft
This update for syft fixes the following issues: Changes in syft: - Update to version 1.45.0: Added Features - Add support for ZapAddOns as jar files 4654 4932 @douglasclarke - MySQL binary classifier should distinguish between MySQL Cluster ndb and MySQL 3297 4907 @witchcraze - Catalog...
Exploit for CVE-2026-42945
ingress-nginx CVE-2026-42945 backport kit This repository doc...
GHSA-GCGV-V5GF-C543 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
CVE-2026-42945 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller...
GHSA-GCGV-V5GF-C543 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller-fips, ingress-nginx-controller...
CVE-2026-42945 vulnerabilities
Vulnerabilities for packages: ingress-nginx-controller-fips, ingress-nginx-controller...