Tag: ingress
-
Hacker News: RCE Vulnerabilities in K8s Ingress Nginx (9.8 CVE for ingress-Nginx)
Source URL: https://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities Source: Hacker News Title: RCE Vulnerabilities in K8s Ingress Nginx (9.8 CVE for ingress-Nginx) Feedly Summary: Comments AI Summary and Description: Yes ### Summary: The text outlines the discovery of significant vulnerabilities in the Ingress NGINX Controller for Kubernetes, known as IngressNightmare. These vulnerabilities, which allow unauthenticated Remote Code Execution (RCE), pose…
-
The Register: Public-facing Kubernetes clusters at risk of takeover thanks to Ingress-Nginx flaw
Source URL: https://www.theregister.com/2025/03/25/kubernetes_flaw_rce_risk/ Source: The Register Title: Public-facing Kubernetes clusters at risk of takeover thanks to Ingress-Nginx flaw Feedly Summary: How many K8s systems are sat on the internet front porch like that … Oh, thousands, apparently Cloudy infosec outfit Wiz has discovered serious vulnerabilities in the admission controller component of Ingress-Nginx Controller that could…
-
Hacker News: Multiple vulnerabilities in ingress-Nginx (Score 9.8)
Source URL: https://groups.google.com/g/kubernetes-security-announce/c/2qa9DFtN0cQ Source: Hacker News Title: Multiple vulnerabilities in ingress-Nginx (Score 9.8) Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses critical vulnerabilities in the ingress-nginx component of Kubernetes that could lead to arbitrary code execution and secret disclosure. The seriousness of these vulnerabilities necessitates immediate action, specifically patching or upgrading…