Ingress-nginx CVE-2025-1974: What You Need to Know

kubernetes.io

cross-posted to:
homelab@lemmy.ml
selfhosted@lemmy.world
kubernetes@programming.dev

Ingress-nginx CVE-2025-1974: What You Need to Know

kubernetes.io

librebyte@lemmy.mlM to LibreByte@lemmy.mlEnglish · 1 month ago

cross-posted to:
homelab@lemmy.ml
selfhosted@lemmy.world
kubernetes@programming.dev

Today, the ingress-nginx maintainers have released patches for a batch of critical vulnerabilities that could make it easy for attackers to take over your Kubernetes cluster. If you are among the over 40% of Kubernetes administrators using ingress-nginx, you should take action immediately to protect your users and data. Background Ingress is the traditional Kubernetes feature for exposing your workload Pods to the world so that they can be useful. In an implementation-agnostic way, Kubernetes users can define how their applications should be made available on the network.

You must log in or register to comment.

Chat