Kubernetes Ingress Nginx
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Kubernetes Ingress Nginx.
By the Year
In 2025 there have been 5 vulnerabilities in Kubernetes Ingress Nginx with an average score of 8.2 out of ten. Ingress Nginx did not have any published security vulnerabilities last year. That is, 5 more vulnerabilities have already been reported in 2025 as compared to last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 5 | 8.20 |
| 2024 | 0 | 0.00 |
| 2023 | 4 | 7.65 |
| 2022 | 2 | 7.60 |
| 2021 | 1 | 7.10 |
It may take a day or so for new Ingress Nginx vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Kubernetes Ingress Nginx Security Vulnerabilities
Ingress- Nginx auth-url Annotation RCE Leading to Secrets Exposure
CVE-2025-24514
8.8 - High
- March 25, 2025
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-url` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
Improper Input Validation
Directory Traversal via Admission Controller File Inclusion in ingress-nginx
CVE-2025-24513
4.8 - Medium
- March 25, 2025
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where attacker-provided data are included in a filename by the ingress-nginx Admission Controller feature, resulting in directory traversal within the container. This could result in denial of service, or when combined with other vulnerabilities, limited disclosure of Secret objects from the cluster.
Improper Input Validation
ingress-nginx mirror-annotations enable arbitrary config injection & code exec
CVE-2025-1098
8.8 - High
- March 25, 2025
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `mirror-target` and `mirror-host` Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
Improper Input Validation
Ingress-nginx auth-tls-match-cn Injection Enables Code Execution
CVE-2025-1097
8.8 - High
- March 25, 2025
A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-cn` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
Improper Input Validation
Ingress-nginx: Arbitrary Exec via Pod Network in K8s
CVE-2025-1974
9.8 - Critical
- March 25, 2025
A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
Separation of Privilege
Code Injection via NGINX Ingress Annotation
CVE-2023-5044
8.8 - High
- October 25, 2023
Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation.
Code Injection
NGINX Ingress Annotation Injection -> Arbitrary Cmd Exec
CVE-2023-5043
8.8 - High
- October 25, 2023
Ingress nginx annotation injection causes arbitrary command execution.
Injection
Ingress-nginx path sanitization bypass via log_format
CVE-2022-4886
6.5 - Medium
- October 25, 2023
Ingress-nginx `path` sanitization can be bypassed with `log_format` directive.
A security issue was discovered in ingress-nginx where a user
CVE-2021-25748
6.5 - Medium
- May 24, 2023
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the `spec.rules[].http.paths[].path` field of an Ingress object (in the `networking.k8s.io` or `extensions` API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster.
A security issue was discovered in ingress-nginx where a user
CVE-2021-25746
7.1 - High
- May 06, 2022
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use .metadata.annotations in an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster.
Improper Input Validation
A security issue was discovered in ingress-nginx where a user
CVE-2021-25745
8.1 - High
- May 06, 2022
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the spec.rules[].http.paths[].path field of an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster.
Improper Input Validation
A security issue was discovered in ingress-nginx where a user
CVE-2021-25742
7.1 - High
- October 29, 2021
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the custom snippets feature to obtain all secrets in the cluster.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Kubernetes Ingress Nginx or by Kubernetes? Click the Watch button to subscribe.
