Critical Vulnerability in Kubernetes Ingress-Nginx: Arbitrary Code Execution
2025-03-24
Multiple critical vulnerabilities have been discovered in Kubernetes Ingress-Nginx. The most severe, CVE-2025-1974, has a CVSS score of 9.8 and allows arbitrary code execution and potential cluster-wide Secret leakage. All versions prior to v1.11.5 and v1.12.1 are affected. Upgrading immediately to the latest version, or temporarily disabling the Validating Admission Controller, is strongly recommended.
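To triage a cluster against the affected range stated above, the following added example (not part of the advisory or of the ingress-nginx project) classifies a controller version or image reference as affected, fixed, or unknown. The function name, the sample inputs, and the `kubectl` label selector in the comment are assumptions; releases later than v1.12.1 are assumed to carry the fix.

```shell
#!/bin/sh
# Added example: triage ingress-nginx controller versions against the fixed
# releases named in the advisory (v1.11.5 and v1.12.1).
# To list running controller images (assumes the upstream chart's labels):
#   kubectl get pods -A -l app.kubernetes.io/name=ingress-nginx \
#     -o jsonpath='{range .items[*]}{.spec.containers[*].image}{"\n"}{end}'

# classify_ingress_nginx <version | image reference>  (hypothetical helper)
# Prints "affected", "fixed", or "unknown" (needs manual review).
classify_ingress_nginx() {
    v=${1%%@*}          # drop an image digest suffix (@sha256:...)
    v=${v##*:}          # image reference: keep only the tag
    v=${v#controller-}  # Git tag form, e.g. controller-v1.12.0
    v=${v#v}
    # Require exactly MAJOR.MINOR.PATCH, digits only. Suffixed or untagged
    # builds cannot be judged from the tag, so they are reported as unknown.
    case $v in
        ''|*[!0-9.]*|.*|*.|*..*|*.*.*.*) echo unknown; return 0 ;;
        *.*.*) ;;
        *) echo unknown; return 0 ;;
    esac
    major=${v%%.*}; rest=${v#*.}
    minor=${rest%%.*}; patch=${rest#*.}

    if [ "$major" -lt 1 ]; then echo affected
    elif [ "$major" -gt 1 ]; then echo fixed       # assumption: later than v1.12.1
    elif [ "$minor" -lt 11 ]; then echo affected   # older lines have no fixed release
    elif [ "$minor" -eq 11 ]; then
        if [ "$patch" -lt 5 ]; then echo affected; else echo fixed; fi
    elif [ "$minor" -eq 12 ]; then
        if [ "$patch" -lt 1 ]; then echo affected; else echo fixed; fi
    else echo fixed                                # assumption: later than v1.12.1
    fi
}

# Constructed sample inputs (the digest below is a placeholder, not a real one).
for ref in v1.11.4 v1.11.5 v1.12.0 v1.12.1 v1.9.6 \
    registry.k8s.io/ingress-nginx/controller:v1.12.0@sha256:0000 custom-build; do
    printf '%-62s %s\n' "$ref" "$(classify_ingress_nginx "$ref")"
done
```

An "unknown" result means the tag alone does not identify the release, so the image has to be checked by other means before it is treated as fixed.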