Количество 10
Количество 10
CVE-2025-1098
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `mirror-target` and `mirror-host` Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
CVE-2025-1098
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `mirror-target` and `mirror-host` Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
GHSA-vg63-w3p9-jc9m
ingress-nginx controller - configuration injection via unsanitized mirror annotations
BDU:2025-05133
Уязвимость контроллера входящего трафика в кластере Kubernetes ingress-nginx, связанная с ошибками при обработке аннотаций Ingress-объектов, позволяющая нарушителю выполнить произвольный код
CVE-2025-24514
Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller
CVE-2025-24513
Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller
CVE-2025-1974
Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller
CVE-2025-1098
Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller
CVE-2025-1097
Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller
ROS-20250417-05
Множественные уязвимости golang-k8s-ingress-nginx
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-1098 A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `mirror-target` and `mirror-host` Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) | 40% Средний | 3 месяца назад | |
 | CVE-2025-1098 A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `mirror-target` and `mirror-host` Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) | CVSS3: 8.8 | 40% Средний | 3 месяца назад |
| GHSA-vg63-w3p9-jc9m ingress-nginx controller - configuration injection via unsanitized mirror annotations | CVSS3: 8.8 | 40% Средний | 3 месяца назад |
 | BDU:2025-05133 Уязвимость контроллера входящего трафика в кластере Kubernetes ingress-nginx, связанная с ошибками при обработке аннотаций Ingress-объектов, позволяющая нарушителю выполнить произвольный код | CVSS3: 8.8 | 40% Средний | 3 месяца назад |
 | CVE-2025-24514 Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller | 31% Средний | 3 месяца назад | |
| CVE-2025-24513 Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller | 0% Низкий | 3 месяца назад | |
| CVE-2025-1974 Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller | 87% Высокий | 3 месяца назад | |
| CVE-2025-1098 Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller | 40% Средний | 3 месяца назад | |
| CVE-2025-1097 Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller | 8% Низкий | 3 месяца назад | |
 | ROS-20250417-05 Множественные уязвимости golang-k8s-ingress-nginx | CVSS3: 9.8 | 2 месяца назад |
Уязвимостей на страницу