A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the custom snippets feature to obtain all secrets in the cluster.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: kubernetes
Published: 2021-10-29T04:05:10.713250Z
Updated: 2024-09-16T23:06:12.392Z
Reserved: 2021-01-21T00:00:00
Link: CVE-2021-25742
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-10-29T04:15:08.220
Modified: 2024-11-21T05:55:19.853
Link: CVE-2021-25742
Redhat