Lucene search
K

50 matches found

GithubExploit
GithubExploit
added 2026/04/08 11:26 a.m.150 views

Exploit for CVE-2026-3288

CVE-2026-3288 Vulnerable Lab Docker NGINX Ingress Control...

8.8CVSS6.1AI score0.06669EPSS
Exploits1
Snyk
Snyk
added 2026/02/03 10:54 p.m.1 views

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation via the nginx.ingress.kubernetes.io/auth-method annotation, which allows injection of configuration into nginx. An attacker can execute arbitrary code in the context of the ingress controller and access sensiti...

8.8CVSS6.1AI score0.00485EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/12/18 4:35 p.m.8 views

CVE-2025-14727

A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.9AI score0.00373EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/17 6:31 p.m.7 views

EUVD-2025-203903

A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.4AI score0.00373EPSS
Exploits0References2
NVD
NVD
added 2025/12/17 4:16 p.m.13 views

CVE-2025-14727

A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS0.00373EPSS
Exploits0References1
OSV
OSV
added 2025/12/17 4:16 p.m.5 views

CVE-2025-14727

A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.3CVSS6.8AI score
Exploits0References1
Cvelist
Cvelist
added 2025/12/17 3:48 p.m.32 views

CVE-2025-14727 NGINX Ingress Controller vulnerability

A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS0.00373EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/17 3:48 p.m.4 views

CVE-2025-14727 NGINX Ingress Controller vulnerability

A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.5AI score0.00373EPSS
Exploits0References1
CVE
CVE
added 2025/12/17 3:48 p.m.45 views

CVE-2025-14727

CVE-2025-14727 affects the NGINX Ingress Controller due to improper validation of the nginx.org/rewrite-target annotation, enabling a path traversal style issue. The F5 advisory notes that the vulnerability is present in the 5.x line (5.3.0) and fixes were introduced in 5.3.1; other branches have...

8.7CVSS6.5AI score0.00373EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/17 12:0 a.m.5 views

PT-2025-51836

Name of the Vulnerable Software and Affected Versions NGINX Ingress Controller affected versions not specified Description A security issue exists in the NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. The issue concerns validation of the annotation. Software versions...

8.7CVSS6.3AI score0.00373EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/12/09 12:38 a.m.2 views

CVE-2025-66491 Traefik has Inverted TLS Verification Logic in its ingress-nginx Provider

Traefik is an HTTP reverse proxy and load balancer. Versions 3.5.0 through 3.6.2 have inverted TLS verification logic in the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation. Setting the annotation to "on" intending to enable backend TLS certificate verification actually disables...

5.9CVSS6.3AI score0.00205EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/09 12:38 a.m.31 views

CVE-2025-66491 Traefik has Inverted TLS Verification Logic in its ingress-nginx Provider

Traefik is an HTTP reverse proxy and load balancer. Versions 3.5.0 through 3.6.2 have inverted TLS verification logic in the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation. Setting the annotation to "on" intending to enable backend TLS certificate verification actually disables...

5.9CVSS0.00205EPSS
Exploits0References3
CVE
CVE
added 2025/12/09 12:38 a.m.18 views

CVE-2025-66491

Traefik (HTTP reverse proxy/load balancer) versions 3.5.0–3.6.2 expose a vulnerability in the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation: the TLS verification logic is inverted, so setting the annotation to "on" intended to enable verification actually disables it, enabling possible ...

5.9CVSS6.3AI score0.00205EPSS
Exploits0References3Affected Software1
Snyk
Snyk
added 2025/12/08 4:43 p.m.2 views

Improper Certificate Validation

Overview Affected versions of this package are vulnerable to Improper Certificate Validation due to inverted logic in the InsecureSkipVerify field when processing the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation. An attacker can intercept and read sensitive data by performing...

8.2CVSS6.7AI score0.00205EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-10173

Malware in sbrugna...

6.5CVSS6.4AI score0.00718EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2022-52395

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00586EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-2727

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.56568EPSS
Exploits2References7
RedhatCVE
RedhatCVE
added 2025/05/22 7:17 p.m.10 views

CVE-2021-23055

On version 2.x before 2.0.3 and 1.x before 1.12.3, the command line restriction that controls snippet use with NGINX Ingress Controller does not apply to Ingress objects. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

6.5CVSS7AI score0.00718EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2025/03/27 3:28 a.m.251 views

Exploit for CVE-2025-1974

🚨 Log Injection Test via Ingress-NGINX Admission Controller...

9.8CVSS10AI score0.99098EPSS
Exploits20
Microsoft CVE
Microsoft CVE
added 2025/03/24 7:0 a.m.20 views

Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller

Ingress Controllers play a critical role within Kubernetes clusters by enabling the functionality of Ingress resources. Azure Kubernetes Service AKS is aware of several security vulnerabilities affecting the Kubernetes ingress-nginx controller, including CVE-2025-1098, CVE-2025-1974, CVE-2025-109...

9.8CVSS7.5AI score0.99098EPSS
Exploits21
Rows per page
Query Builder