Poster - CVE CyberSecurity Database News (Page 125)

Mar 25, 2025 Exploit

CVE-2025-1098 - Ingress-NGINX Annotation Vulnerability Lets Attackers Inject Code and Steal Kubernetes Secrets

Kubernetes users often depend on the popular ingress-nginx controller to expose HTTP and HTTPS routes from outside the cluster to services within. While ingress-nginx is

Mar 25, 2025

CVE-2025-24513 - Exploiting Directory Traversal in Kubernetes ingress-nginx Admission Controller

Date: June 2024 Severity: High Affected project: kubernetes/ingress-nginx CVE: CVE-2025-24513 Overview A new security flaw, CVE-2025-24513, has been found in the popular ingress-nginx controller

Mar 25, 2025 API

CVE-2025-1974 - How Ingress-NGINX in Kubernetes Can Expose Your Secrets (And How Attackers Can Exploit It)

In mid-2025, a serious security vulnerability was found in Kubernetes, tracked as CVE-2025-1974. If you’re using the popular Kubernetes ingress-nginx controller, your cluster could

Mar 25, 2025 Exploit

CVE-2025-1097 - Ingress-NGINX `auth-tls-match-cn` Annotation Bypass—Arbitrary Code Execution & Secret Leakage

Published: June 2024 Product affected: Kubernetes Ingress-NGINX CVE: CVE-2025-1097 A newly disclosed vulnerability (CVE-2025-1097) in Kubernetes’ Ingress-NGINX controller allows a user to inject malicious NGINX

Mar 24, 2025 API Exploit

CVE-2025-26512 - SnapCenter Privilege Escalation Vulnerability Explained & Exploited

NetApp’s SnapCenter is a popular backup and management tool used by enterprises worldwide to safeguard applications, databases, and files. But in early 2025, cybersecurity