Количество 10
Количество 10
CVE-2025-24514
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
CVE-2025-24514
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
GHSA-fwwp-xcxw-39vq
ingress-nginx controller - configuration injection via unsanitized auth-url annotation
BDU:2025-03220
Уязвимость контроллера входящего трафика в кластере Kubernetes ingress-nginx, связанная с недостаточной проверкой входных данных, позволяющая нарушителю выполнить произвольный код
CVE-2025-24514
Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller
CVE-2025-24513
Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller
CVE-2025-1974
Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller
CVE-2025-1098
Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller
CVE-2025-1097
Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller
ROS-20250417-05
Множественные уязвимости golang-k8s-ingress-nginx
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-24514 A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) | 38% Средний | 8 месяцев назад | |
 | CVE-2025-24514 A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) | CVSS3: 8.8 | 38% Средний | 8 месяцев назад |
| GHSA-fwwp-xcxw-39vq ingress-nginx controller - configuration injection via unsanitized auth-url annotation | CVSS3: 8.8 | 38% Средний | 8 месяцев назад |
 | BDU:2025-03220 Уязвимость контроллера входящего трафика в кластере Kubernetes ingress-nginx, связанная с недостаточной проверкой входных данных, позволяющая нарушителю выполнить произвольный код | CVSS3: 8.8 | 38% Средний | 8 месяцев назад |
 | CVE-2025-24514 Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller | 38% Средний | 8 месяцев назад | |
| CVE-2025-24513 Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller | 0% Низкий | 8 месяцев назад | |
| CVE-2025-1974 Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller | 88% Высокий | 8 месяцев назад | |
| CVE-2025-1098 Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller | 38% Средний | 8 месяцев назад | |
| CVE-2025-1097 Kubernetes: Vulnerability in Kubernetes NGINX Ingress Controller | 10% Средний | 8 месяцев назад | |
 | ROS-20250417-05 Множественные уязвимости golang-k8s-ingress-nginx | CVSS3: 9.8 | 7 месяцев назад |
Уязвимостей на страницу