rpm package
opensuse/rke&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/rke&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-25745 | Hig | 7.6 | < 1.3.10-1.1 | 1.3.10-1.1 | May 6, 2022 | A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the spec.rules[].http.paths[].path field of an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controll | |
| CVE-2021-25742 | Hig | 7.6 | < 1.3.3-1.1 | 1.3.3-1.1 | Oct 29, 2021 | A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the custom snippets feature to obtain all secrets in the cluster. |
- affected < 1.3.10-1.1fixed 1.3.10-1.1
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the spec.rules[].http.paths[].path field of an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controll
- affected < 1.3.3-1.1fixed 1.3.3-1.1
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the custom snippets feature to obtain all secrets in the cluster.