github.com/kubernetes/ingress-nginx is vulnerable to directive injection. a malicious user who has the privileges to create or update ingress objects is able to use .metadata.annotations
in an Ingress object to obtain the credentials of the ingress-nginx controller.