Logo
Explore Help
Sign In
admin/cve
1
0
Fork 0
You've already forked cve
mirror of https://github.com/0xMarcio/cve.git synced 2025-11-30 18:56:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2025/CVE-2025-1098.md
0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00

1.8 KiB
Raw Blame History

CVE-2025-1098

Description

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the mirror-target and mirror-host Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)

POC

Reference

No PoCs from references.

Github

  • https://github.com/0xMarcio/cve
  • https://github.com/ARPSyndicate/cve-scores
  • https://github.com/B1ack4sh/Blackash-CVE-2025-1974
  • https://github.com/Esonhugh/ingressNightmare-CVE-2025-1974-exps
  • https://github.com/GhostTroops/TOP
  • https://github.com/Threekiii/CVE
  • https://github.com/chhhd/CVE-2025-1974
  • https://github.com/gian2dchris/ingress-nightmare-poc
  • https://github.com/giterlizzi/secdb-feeds
  • https://github.com/hakaioffsec/IngressNightmare-PoC
  • https://github.com/killsystema/IngressNightmare
  • https://github.com/lufeirider/IngressNightmare-PoC
  • https://github.com/moften/IngressNightmare-Vulnerability
  • https://github.com/plzheheplztrying/cve_monitor
  • https://github.com/salt318/CVE-2025-1974
  • https://github.com/sandumjacob/IngressNightmare-POCs
  • https://github.com/scottymcandrew/ingress-nightmare
Powered by Gitea Version: 1.23.1 Page: 626ms Template: 3ms
English
Bahasa Indonesia Deutsch English Español Français Gaeilge Italiano Latviešu Magyar nyelv Nederlands Polski Português de Portugal Português do Brasil Suomi Svenska Türkçe Čeština Ελληνικά Български Русский Українська فارسی മലയാളം 日本語 简体中文 繁體中文(台灣) 繁體中文(香港) 한국어
Licenses API