Ingress-nginx CVE-2025-1974: What You Need to Know
(Redirected from CVE-2025-1974: What You Need to Know)
Jump to navigation
Jump to search
Impact: Disclosure of Secrets accessible to the controller.
- https://kubernetes.io/blog/2025/03/24/ingress-nginx-cve-2025-1974/
- CVE: 9.8 Critical https://nvd.nist.gov/vuln/detail/CVE-2025-1974
- By default, ingress-nginx has access to all Secrets cluster-wide
Related[edit]
- helm install ingress-nginx
controller.admissionWebhooks.enabled=false- Validating Admission Controller
See also[edit]
Advertising:
