Lucene search
K

10 matches found

Packet Storm News
Packet Storm News
added 2026/05/08 12:0 a.m.12 views

ingress-nginx Configuration Injection

A security issue was discovered in ingress-nginx where the nginx.ingress.kubernetes.io/rewrite-target Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible t...

8.8CVSS6.3AI score0.06669EPSS
Exploits1
NVD
NVD
added 2026/03/09 9:16 p.m.8 views

CVE-2026-3288

A security issue was discovered in ingress-nginx where the nginx.ingress.kubernetes.io/rewrite-target Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible t...

8.8CVSS0.06669EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/03/09 9:0 p.m.5 views

CVE-2026-3288

A security issue was discovered in ingress-nginx where the nginx.ingress.kubernetes.io/rewrite-target Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible t...

8.8CVSS6.2AI score0.06669EPSS
Exploits1References2
EUVD
EUVD
added 2025/12/17 6:31 p.m.7 views

EUVD-2025-203903

A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.4AI score0.00373EPSS
Exploits0References2
NVD
NVD
added 2025/12/17 4:16 p.m.13 views

CVE-2025-14727

A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS0.00373EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/17 3:48 p.m.32 views

CVE-2025-14727 NGINX Ingress Controller vulnerability

A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS0.00373EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/17 3:48 p.m.4 views

CVE-2025-14727 NGINX Ingress Controller vulnerability

A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.5AI score0.00373EPSS
Exploits0References1
CVE
CVE
added 2025/12/17 3:48 p.m.45 views

CVE-2025-14727

CVE-2025-14727 affects the NGINX Ingress Controller due to improper validation of the nginx.org/rewrite-target annotation, enabling a path traversal style issue. The F5 advisory notes that the vulnerability is present in the 5.x line (5.3.0) and fixes were introduced in 5.3.1; other branches have...

8.7CVSS6.5AI score0.00373EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/17 12:0 a.m.5 views

PT-2025-51836

Name of the Vulnerable Software and Affected Versions NGINX Ingress Controller affected versions not specified Description A security issue exists in the NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. The issue concerns validation of the annotation. Software versions...

8.7CVSS6.3AI score0.00373EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.9 views

F5 NGINX Ingress Controller 路径遍历漏洞

F5 NGINX Ingress Controller is a traffic management solution from F5 USA for cloud-native applications in Kubernetes and containerized environments. A path traversal vulnerability exists in F5 NGINX Ingress Controller, which stems from improper validation of the nginx.org/rewrite-target annotatio...

8.7CVSS6.6AI score0.00373EPSS
Exploits0References1
Rows per page
Query Builder