A security issue was discovered in ingress-nginx where an actor with permission to create Ingress objects (in the `networking.k8s.io` or `extensions` API group) can bypass annotation validation to inject arbitrary commands and obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster.

A security issue was discovered in ingress-nginx where an actor with permission to create Ingress objects (in the `networking.k8s.io` or `extensions` API group) can bypass annotation validation to inject arbitrary commands and obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster.

Уязвимость контроллера входящего трафика в кластере Kubernetes ingress-nginx, связанная с ошибками при обработке аннотаций Ingress-объектов, позволяющая нарушителю повысить свои привилегии

Уязвимость golang-k8s-ingress-nginx