50 matches found
Exploit for CVE-2026-3288
CVE-2026-3288 Vulnerable Lab Docker NGINX Ingress Control...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation via the nginx.ingress.kubernetes.io/auth-method annotation, which allows injection of configuration into nginx. An attacker can execute arbitrary code in the context of the ingress controller and access sensiti...
CVE-2025-14727
A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
EUVD-2025-203903
A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-14727
A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-14727
A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-14727 NGINX Ingress Controller vulnerability
A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-14727 NGINX Ingress Controller vulnerability
A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-14727
CVE-2025-14727 affects the NGINX Ingress Controller due to improper validation of the nginx.org/rewrite-target annotation, enabling a path traversal style issue. The F5 advisory notes that the vulnerability is present in the 5.x line (5.3.0) and fixes were introduced in 5.3.1; other branches have...
PT-2025-51836
Name of the Vulnerable Software and Affected Versions NGINX Ingress Controller affected versions not specified Description A security issue exists in the NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. The issue concerns validation of the annotation. Software versions...
CVE-2025-66491 Traefik has Inverted TLS Verification Logic in its ingress-nginx Provider
Traefik is an HTTP reverse proxy and load balancer. Versions 3.5.0 through 3.6.2 have inverted TLS verification logic in the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation. Setting the annotation to "on" intending to enable backend TLS certificate verification actually disables...
CVE-2025-66491 Traefik has Inverted TLS Verification Logic in its ingress-nginx Provider
Traefik is an HTTP reverse proxy and load balancer. Versions 3.5.0 through 3.6.2 have inverted TLS verification logic in the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation. Setting the annotation to "on" intending to enable backend TLS certificate verification actually disables...
CVE-2025-66491
Traefik (HTTP reverse proxy/load balancer) versions 3.5.0–3.6.2 expose a vulnerability in the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation: the TLS verification logic is inverted, so setting the annotation to "on" intended to enable verification actually disables it, enabling possible ...
Improper Certificate Validation
Overview Affected versions of this package are vulnerable to Improper Certificate Validation due to inverted logic in the InsecureSkipVerify field when processing the nginx.ingress.kubernetes.io/proxy-ssl-verify annotation. An attacker can intercept and read sensitive data by performing...
EUVD-2021-10173
Malware in sbrugna...
EUVD-2022-52395
Malicious code in bioql PyPI...
EUVD-2023-2727
Malicious code in bioql PyPI...
CVE-2021-23055
On version 2.x before 2.0.3 and 1.x before 1.12.3, the command line restriction that controls snippet use with NGINX Ingress Controller does not apply to Ingress objects. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
Exploit for CVE-2025-1974
🚨 Log Injection Test via Ingress-NGINX Admission Controller...
Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller
Ingress Controllers play a critical role within Kubernetes clusters by enabling the functionality of Ingress resources. Azure Kubernetes Service AKS is aware of several security vulnerabilities affecting the Kubernetes ingress-nginx controller, including CVE-2025-1098, CVE-2025-1974, CVE-2025-109...