All 4 CVE vulnerabilities found in Kubernetes ingress-nginx, with AI-generated Chinese analysis, references, and POCs.
Vendor: Kubernetes
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-25748 | Ingress-nginx `path` sanitization can be bypassed with newline character CWE-20 | 7.6 | High | 2023-05-24 |
| CVE-2021-25746 | Ingress-nginx directive injection via annotations CWE-20 | 7.6 | High | 2022-05-06 |
| CVE-2021-25745 | Ingress-nginx path can be pointed to service account token file CWE-20 | 7.6 | High | 2022-05-06 |
| CVE-2021-25742 | Ingress-nginx custom snippets allows retrieval of ingress-nginx serviceaccount token and secrets across all namespaces CWE-20 | 7.6 | High | 2021-10-29 |
All 4 known CVE vulnerabilities affecting Kubernetes ingress-nginx with full Chinese analysis, references, and POCs where available.