10 matches found
ingress-nginx Configuration Injection
A security issue was discovered in ingress-nginx where the nginx.ingress.kubernetes.io/rewrite-target Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible t...
CVE-2026-3288
A security issue was discovered in ingress-nginx where the nginx.ingress.kubernetes.io/rewrite-target Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible t...
CVE-2026-3288
A security issue was discovered in ingress-nginx where the nginx.ingress.kubernetes.io/rewrite-target Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible t...
EUVD-2025-203903
A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-14727
A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-14727 NGINX Ingress Controller vulnerability
A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-14727 NGINX Ingress Controller vulnerability
A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-14727
CVE-2025-14727 affects the NGINX Ingress Controller due to improper validation of the nginx.org/rewrite-target annotation, enabling a path traversal style issue. The F5 advisory notes that the vulnerability is present in the 5.x line (5.3.0) and fixes were introduced in 5.3.1; other branches have...
PT-2025-51836
Name of the Vulnerable Software and Affected Versions NGINX Ingress Controller affected versions not specified Description A security issue exists in the NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. The issue concerns validation of the annotation. Software versions...
F5 NGINX Ingress Controller 路径遍历漏洞
F5 NGINX Ingress Controller is a traffic management solution from F5 USA for cloud-native applications in Kubernetes and containerized environments. A path traversal vulnerability exists in F5 NGINX Ingress Controller, which stems from improper validation of the nginx.org/rewrite-target annotatio...