{"vulnerability": "CVE-2025-1098", "sightings": [{"uuid": "715dce00-6145-4a1e-8e8b-f787fcbf005c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-feeb6c24-c70747e08b7ea0ca", "content": "", "creation_timestamp": "2025-03-31T15:55:24.548107Z"}, {"uuid": "215e524f-d135-4a69-a3c5-547a2ba9fe1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-feeb6c24-c70747e08b7ea0ca", "content": "", "creation_timestamp": "2025-03-31T15:55:24.557127Z"}, {"uuid": "909bd221-d77a-43ad-baf7-e7c8c9df38e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/buzzleaktv.bsky.social/post/3llbt7nbtgw2u", "content": "", "creation_timestamp": "2025-03-26T12:51:21.316485Z"}, {"uuid": "a9f36bac-0c1b-4e93-a0a6-449a31e160b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/lookitup.baby/post/3ll5qr5t6uk2k", "content": "", "creation_timestamp": "2025-03-24T21:56:48.662845Z"}, {"uuid": "73f5f1ff-8e59-44da-abb3-efd336b422ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/sushicomabacate.com/post/3ll6wwsqkdc2t", "content": "", "creation_timestamp": "2025-03-25T09:20:01.472885Z"}, {"uuid": "30be80f2-f6d5-4ecd-8901-c1bc0cc237c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3ll7i4umzupb2", "content": "", "creation_timestamp": "2025-03-25T14:35:32.298473Z"}, {"uuid": "40217059-c089-4f06-9277-cc5de6d2042f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3llam2asygc2x", "content": "", "creation_timestamp": "2025-03-26T01:10:23.946566Z"}, {"uuid": "37d576fb-e787-4114-b07f-8b4148140d22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/cyberkendra.bsky.social/post/3lle7kfmcyk2p", "content": "", "creation_timestamp": "2025-03-27T11:37:35.158029Z"}, {"uuid": "2b91749a-fbde-43f3-9f10-e6b3ff16cb75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/darkwebinformer.bsky.social/post/3llf3u5tfrc2s", "content": "", "creation_timestamp": "2025-03-27T20:04:01.941263Z"}, {"uuid": "0444ac7f-3ccb-4cee-b8c1-9912e87ddd32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3ll7jjzlnne2b", "content": "", "creation_timestamp": "2025-03-25T14:52:52.940069Z"}, {"uuid": "d384f088-d5e8-42d3-b13e-eb9cdefbc5d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": 
"https://bsky.app/profile/lookitup.baby/post/3ll5qysdxh22k", "content": "", "creation_timestamp": "2025-03-24T22:01:06.551196Z"}, {"uuid": "d25f2284-02ba-40b5-91e8-10152b8d4ee7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-1098", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3llf3uxsrzjw2", "content": "", "creation_timestamp": "2025-03-27T20:05:11.354388Z"}, {"uuid": "504d20ca-cb62-4f09-b491-baef28ccd480", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3ll6o7wc2ff22", "content": "", "creation_timestamp": "2025-03-25T06:44:47.189043Z"}, {"uuid": "34a0d8f6-c244-4c60-9977-48f2fff8c3ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3ll5sx6ecdy2e", "content": "", "creation_timestamp": "2025-03-24T22:35:57.920686Z"}, {"uuid": "057c0c99-2335-4f28-9e9b-843e4111b142", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/114219932988801200", "content": "", "creation_timestamp": "2025-03-24T23:11:08.801566Z"}, {"uuid": "0add0998-a811-4a8b-906b-9a3d987aa3b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3ll7niwkfd72l", "content": "", "creation_timestamp": 
"2025-03-25T16:03:51.101633Z"}, {"uuid": "03c36b46-cc9a-4f78-b734-e6365180da5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/checkmarxzero.bsky.social/post/3ll7ob4476i2u", "content": "", "creation_timestamp": "2025-03-25T16:17:21.944289Z"}, {"uuid": "224465db-c93e-4d6d-abf2-a998ae2b3b9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://threatintel.cc/2025/03/26/075641.html", "content": "", "creation_timestamp": "2025-03-26T10:56:41.000000Z"}, {"uuid": "14f41c52-2f56-4748-8a9a-33df82aed169", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114220315467623148", "content": "", "creation_timestamp": "2025-03-25T00:48:21.267851Z"}, {"uuid": "bae9a0c7-40d8-4192-8edd-1f1fd7fa5a61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://thehackernews.com/2025/03/critical-ingress-nginx-controller.html", "content": "", "creation_timestamp": "2025-03-24T17:55:00.000000Z"}, {"uuid": "44201d4a-0f8a-48a6-94a0-b6e40e721c8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-1098", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3llf5xbl55gp2", "content": "", "creation_timestamp": "2025-03-27T20:41:49.838037Z"}, {"uuid": "63afd962-ba02-406e-94fd-7f341e75ff37", "vulnerability_lookup_origin": 
"1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/chrisshort.net/post/3llfm3uvlgy2t", "content": "", "creation_timestamp": "2025-03-28T00:54:37.633968Z"}, {"uuid": "4f44f1dc-95ae-40f5-97e4-bd72b207c3ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/Dreadnod.social.cologne.ap.brid.gy/post/3ll6qvmgt6pa2", "content": "", "creation_timestamp": "2025-03-25T07:34:59.364570Z"}, {"uuid": "1d402a4a-2e3e-4e42-958d-8df063eec72f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/syklemil.snabelen.no.ap.brid.gy/post/3ll6qmm6jtli2", "content": "", "creation_timestamp": "2025-03-25T07:28:22.972008Z"}, {"uuid": "48097902-1cdd-4549-9e9b-681cc013b931", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/fefesblog.skybot.party/post/3ll6qqgnhz72q", "content": "", "creation_timestamp": "2025-03-25T07:29:03.622387Z"}, {"uuid": "fc51b5cc-e815-4f71-b3ea-044abd804aa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3llesaz733zp2", "content": "", "creation_timestamp": "2025-03-27T17:15:03.310920Z"}, {"uuid": "901e2866-d51d-489f-82b6-135eb5dc2c6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": 
"CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/chrisshort.net/post/3llphyjrkem2k", "content": "", "creation_timestamp": "2025-03-31T23:07:47.811623Z"}, {"uuid": "557bc269-9aba-4259-ac42-06f3a313a20c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://hachyderm.io/users/ChrisShort/statuses/114259556320162403", "content": "", "creation_timestamp": "2025-03-31T23:07:49.188210Z"}, {"uuid": "8b7c0d8a-3668-4ac6-aa15-587e47809097", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://hachyderm.io/users/ChrisShort/statuses/114259556320162403", "content": "", "creation_timestamp": "2025-03-31T23:07:49.212666Z"}, {"uuid": "eeea721d-02e0-4cb9-887f-d59fb32b4670", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/elhacker.net/post/3llgtmkryoc25", "content": "", "creation_timestamp": "2025-03-28T12:41:53.304562Z"}, {"uuid": "af1e7ffa-8576-402a-b0c9-99159a9ef8b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3llulri3q7c2x", "content": "", "creation_timestamp": "2025-04-02T23:58:44.295876Z"}, {"uuid": "398c4e61-2502-4b7a-9c9e-217bd19454b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llj55fubcs2b", "content": "", "creation_timestamp": 
"2025-03-29T10:37:49.473781Z"}, {"uuid": "58908f94-9e34-4bab-a86a-0c3afdcadf55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llj55hlc2k2b", "content": "", "creation_timestamp": "2025-03-29T10:37:51.891759Z"}, {"uuid": "38e18ff0-0abf-4327-b7e8-edecd49d51c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llj55jd74k2b", "content": "", "creation_timestamp": "2025-03-29T10:37:54.306769Z"}, {"uuid": "90a66f88-8a1d-47d4-8579-9444cf38d14d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llj55ltcls2b", "content": "", "creation_timestamp": "2025-03-29T10:37:56.692303Z"}, {"uuid": "08ca4f80-2983-4452-9aee-3e0cf056ff8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3llvxmfxpnmt2", "content": "", "creation_timestamp": "2025-04-03T13:03:32.561087Z"}, {"uuid": "96786932-1780-4166-a23c-d6792c861e4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-1098.yaml", "content": "", "creation_timestamp": "2025-04-09T18:05:50.000000Z"}, {"uuid": "c16c140d-4ba9-4c31-817d-7e82e3a3004f", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/115379792545602333", "content": "", "creation_timestamp": "2025-10-15T19:18:38.306779Z"}, {"uuid": "e4e0104e-fdd0-4173-bb8e-0bdc07ca27ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-05", "content": "", "creation_timestamp": "2025-04-10T10:00:00.000000Z"}, {"uuid": "ed069336-4f47-466e-b3ef-523a8a768b0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lsef3opngo2i", "content": "", "creation_timestamp": "2025-06-24T15:12:56.282131Z"}, {"uuid": "3d77682b-a85b-47cd-8b2d-1ad207f3fe01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmkw4cdmcw27", "content": "", "creation_timestamp": "2025-04-11T21:02:24.977404Z"}, {"uuid": "5f62d716-6a53-4576-80fb-898cb8c8dbd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:47:59.000000Z"}, {"uuid": "7e85b336-9553-4178-9ede-31503cfc415d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", 
"source": "https://bsky.app/profile/bluesky.awakari.com/post/3lwbwglwoxz2t", "content": "", "creation_timestamp": "2025-08-13T13:26:04.620255Z"}, {"uuid": "124a97ff-a040-4db5-b3eb-4bc146fc7833", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:45.000000Z"}, {"uuid": "72a359f6-17c4-48bc-b253-d4883f9bb59d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://www.cert.at/de/warnungen/2025/3/kubernetes-ingress-nginx-controller-vulnerabilities", "content": "", "creation_timestamp": "2025-03-26T13:31:21.000000Z"}, {"uuid": "334a4677-c936-472a-906d-bbe76631fba6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-10985", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3m3qbrv4y2k25", "content": "", "creation_timestamp": "2025-10-21T21:32:28.182490Z"}, {"uuid": "84f7b348-e1be-4350-b5b4-6fa0a89bca44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/84edafcd-42a7-4c30-96f8-87de8e73e1ab", "content": "", "creation_timestamp": "2025-03-25T10:40:57.259809Z"}, {"uuid": "6d361086-19a8-44f5-a345-c0f7a51488f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://gist.github.com/Darkcrai86/d5391a4dc6327062b493bd576ae34de3", "content": "", "creation_timestamp": 
"2025-12-29T15:24:14.000000Z"}, {"uuid": "c9e75215-0a75-4fe5-8a60-5b4416e94b81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3mb5a3w2nv2s2", "content": "", "creation_timestamp": "2025-12-30T00:47:09.542020Z"}, {"uuid": "0aa82ca1-5f52-42df-a2fd-2d9129178d41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3mb5kmmjajw52", "content": "", "creation_timestamp": "2025-12-30T00:55:30.177135Z"}, {"uuid": "ece2c964-2751-41e2-8480-6110ab966232", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8575", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-1098\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A security issue was discovered in  ingress-nginx https://github.com/kubernetes/ingress-nginx  where the `mirror-target` and `mirror-host` Ingress annotations can be used to inject arbitrary configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)\n\ud83d\udccf Published: 2025-03-24T23:29:15.610Z\n\ud83d\udccf Modified: 2025-03-24T23:29:15.610Z\n\ud83d\udd17 References:\n1. 
https://github.com/kubernetes/kubernetes/issues/131008", "creation_timestamp": "2025-03-25T00:25:21.000000Z"}, {"uuid": "107a1128-51ce-4a83-b4ba-00f2793df66b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/5140", "content": "\u0411\u0430\u043b\u0434\u0451\u0436\u043d\u0430\u044f \u0434\u044b\u0440\u0430\n\n\u042f \u043d\u0435 \u0441\u043c\u043e\u0433\u0443 \u0432\u0441\u0451 \u0443\u043c\u0435\u0441\u0442\u0438\u0442\u044c \u0432 \u043f\u043e\u0441\u0442, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0447\u0435\u0441\u043a\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e \u043f\u0440\u043e\u0439\u0442\u0438 \u043f\u043e \u0441\u0441\u044b\u043b\u043a\u0435 \u043f\u043e\u0447\u0438\u0442\u0430\u0442\u044c. \u0414\u0435\u043c\u043a\u0443 PoC'\u0430 \u043f\u0440\u0438\u0446\u0435\u043f\u0438\u043b \u043a \u043f\u043e\u0441\u0442\u0443.\n\ntl;dr \nOver 40% of cloud environments are vulnerable to RCE, likely leading to a complete cluster takeover\n\nWiz Research discovered CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974, a series of unauthenticated Remote Code Execution vulnerabilities in Ingress NGINX Controller for Kubernetes dubbed #IngressNightmare. Exploitation of these vulnerabilities leads to unauthorized access to all secrets stored across all namespaces in the Kubernetes cluster by attackers, which can result in cluster takeover.\n. . .\nThe Vulnerability  \nIngress NGINX deploys an admission controller within its pod, designed to validate incoming ingress objects before they are deployed. By default, admission controllers are accessible over the network without authentication, making them a highly appealing attack vector. 
\n\nWhen the Ingress-NGINX admission controller processes an incoming ingress object, it constructs an NGINX configuration from it and then validates it using the NGINX binary.  Our team found a vulnerability in this phase that allows injecting an arbitrary NGINX configuration remotely, by sending a malicious ingress object directly to the admission controller through the network.  \n\nDuring the configuration validation phase, the injected NGINX configuration causes the NGINX validator to execute code, allowing remote code execution (RCE) on the Ingress NGINX Controller\u2019s pod. \n\nThe admission controller\u2019s elevated privileges and unrestricted network accessibility create a critical escalation path. Exploiting this flaw allows an attacker to execute arbitrary code and access all cluster secrets across namespaces, that could lead to complete cluster takeover.\n. . .\nMitigation & Detection\n\nFirst, determine if your clusters are using ingress-nginx. In most cases, you can check this by running kubectl get pods --all-namespaces --selector app.kubernetes.io/name=ingress-nginx with cluster administrator permissions.\n\nThis vulnerability is fixed in Ingress NGINX Controller version 1.12.1 and 1.11.5. We strongly recommend that cluster admins: \n\n- Update to the latest version of Ingress NGINX Controller. \n\n- Ensure the admission webhook endpoint is not exposed externally. \n. . .\nFrom Configuration Injection to RCE \n\nWith a reliable file upload to Ingress NGINX Controller\u2019s pod, we can now put it all together to exploit this issue into a full-blown Remote Code Execution. 
\n\nThe exploit works as follows: \n\n- Upload our payload in the form of a shared library to the pod by abusing the client-body buffer feature of NGINX \n\n- Send an AdmissionReview request to the Ingress NGINX Controller\u2019s admission controller, which contains any one of our directive injections \n\n- The directive we inject is the ssl_engine directive, which will cause NGINX to load the specified file as a shared library \n\n- We specify the ProcFS path to the file descriptor of our payload \n\n- If everything goes well, our shared library is now loaded, and we execute code remotely \nIngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX\nhttps://www.wiz.io/blog/ingress-nginx-kubernetes-vulnerabilities\n+\nAVD-KSV-0041 - Ingress Controller - Cluster Role Allowing Access To All Secrets\nhttps://github.com/kubernetes/ingress-nginx/issues/10778\n\nissue \u0431\u044b\u043b\u0430 \u043e\u0442\u043a\u0440\u044b\u0442\u0430 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2023 \u0433\u043e\u0434\u0430 (\u0431\u044b\u043b\u0430 \u0437\u0430\u043a\u0440\u044b\u0442\u0430 \u0438 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043f\u0435\u0440\u0435\u043e\u0442\u043a\u0440\u044b\u0442\u0430), \u0430 \u043f\u043e \u0444\u0430\u043a\u0442\u0443 Wiz \u0437\u0430\u0440\u0435\u043f\u043e\u0440\u0442\u0438\u043b \u0431\u0430\u0433\u0438 \u0432 \u0434\u0435\u043a\u0430\u0431\u0440\u0435 2024 \u0442\u043e\u043b\u044c\u043a\u043e. 
\u0412\u043e\u0442 \u0438 \u0434\u0443\u043c\u0430\u0435\u043c \ud83c\udf1d", "creation_timestamp": "2025-03-25T08:54:56.000000Z"}, {"uuid": "ad0a4977-2202-4280-a553-95db2d0976fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/27241", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aIngressNightmare-PoC\uff1a (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974)  PoC \uff0cOne-click script \u3002 \u4e00\u952e\u811a\u672c \nURL\uff1ahttps://github.com/lufeirider/IngressNightmare-PoC\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-03-30T08:35:01.000000Z"}, {"uuid": "b4493bc0-53ef-4ce4-9ee4-5cb34039c00c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_News/2541", "content": "\ud83d\udea8 News Alert!\n\nSource: Dark Web Informer - Cyber Threat Intelligence\nTitle: PoC Code to Exploit the IngressNightmare Vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974)\nLink: https://darkwebinformer.com/poc-code-to-exploit-the-ingressnightmare-vulnerabilities-cve-2025-1097-cve-2025-1098-cve-2025-24514-and-cve-2025-1974/", "creation_timestamp": "2025-03-27T20:04:08.000000Z"}, {"uuid": "abf79b23-7803-4319-a5df-3491f6749a0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://t.me/itsec_news/5595", "content": "\u200b\u26a1\ufe0fIngressNightmare: \u043d\u043e\u0432\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u043d\u0430 Ingress-Nginx 
\u0432\u0435\u0434\u0451\u0442 \u043a \u043f\u043e\u043b\u043d\u043e\u043c\u0443 \u0432\u0437\u043b\u043e\u043c\u0443 Kubernetes\n\n\ud83d\udcac \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Wiz \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 admission controller \u0443 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 Ingress-Nginx \u0434\u043b\u044f Kubernetes. \u041e\u0448\u0438\u0431\u043a\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u043c. 
\u041f\u043e \u043e\u0446\u0435\u043d\u043a\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432, \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u0431\u043e\u043b\u0435\u0435 6 500 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0435, \u0447\u0442\u043e \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c \u0438\u0437 \u0441\u043f\u0438\u0441\u043a\u0430 Fortune 500.\n\nIngress-\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b \u0432 Kubernetes \u0441\u043b\u0443\u0436\u0430\u0442 \u0441\u0432\u044f\u0437\u0443\u044e\u0449\u0438\u043c \u0437\u0432\u0435\u043d\u043e\u043c \u043c\u0435\u0436\u0434\u0443 \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u043c\u0438\u0440\u043e\u043c \u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438 \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430. \u041e\u043d\u0438 \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044e\u0442 ingress-\u043e\u0431\u044a\u0435\u043a\u0442\u044b \u2014 \u043f\u0440\u0430\u0432\u0438\u043b\u0430, \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0449\u0438\u0435, \u043a\u0430\u043a\u043e\u0439 \u0432\u043d\u0435\u0448\u043d\u0438\u0439 HTTP/S-\u0442\u0440\u0430\u0444\u0438\u043a \u043a\u0443\u0434\u0430 \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d. 
Ingress-Nginx \u2014 \u043e\u0434\u0438\u043d \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u0432, \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043d\u0430 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0435 Nginx. \u041e\u043d \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u0440\u0435\u0432\u0440\u0430\u0449\u0430\u0435\u0442 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u0432 ingress-\u043e\u0431\u044a\u0435\u043a\u0442\u0430\u0445 \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b Nginx \u0438 \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0442\u0440\u0430\u0444\u0438\u043a \u0432 \u043d\u0443\u0436\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b.\n\n\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0442\u0435\u043c, \u043a\u0430\u043a Ingress-Nginx \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0442\u0430\u043a\u0438\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438. \u041e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u0437\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f admission controller. 
\u041f\u0440\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0438 ingress-\u043e\u0431\u044a\u0435\u043a\u0442\u0430 \u043e\u043d \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u0443\u0435\u0442 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e Nginx \u0438 \u043f\u0435\u0440\u0435\u0434\u0430\u0451\u0442 \u0435\u0451 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0431\u0438\u043d\u0430\u0440\u043d\u043e\u043c\u0443 \u0432\u0430\u043b\u0438\u0434\u0430\u0442\u043e\u0440\u0443. \u0418\u043c\u0435\u043d\u043d\u043e \u0437\u0434\u0435\u0441\u044c \u0438 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0430: \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u0443\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043f\u0440\u044f\u043c\u043e \u0432\u043d\u0443\u0442\u0440\u0438 \u043f\u043e\u0434\u0430, \u0433\u0434\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440.\n\n\u041e\u0441\u043e\u0431\u0443\u044e \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0442\u043e, \u0447\u0442\u043e admission controller \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0438\u043c\u0435\u0435\u0442 \u0448\u0438\u0440\u043e\u043a\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c 
\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430\u043c \u0438\u043c\u0435\u043d (namespace) \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430. \u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0445\u0430\u043a\u0435\u0440\u0443 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u043a\u043e\u0434, \u043d\u043e \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c \u0441\u0435\u043a\u0440\u0435\u0442\u0430\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u2014 CVE-2025-1974 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.8). \u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0435 \u0447\u0435\u0440\u0435\u0437 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043e\u0444\u043e\u0440\u043c\u043b\u0435\u043d\u043d\u044b\u0439 ingress-\u043e\u0431\u044a\u0435\u043a\u0442. 
\u041e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u2014 CVE-2025-1097 , CVE-2025-1098 \u0438 CVE-2025-24514 \u2014 \u0438\u043c\u0435\u044e\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS: 8.8 \u0431\u0430\u043b\u043b\u043e\u0432. \u0421\u0430\u043c\u0430\u044f \u00ab\u043b\u0451\u0433\u043a\u0430\u044f\u00bb \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u2014 CVE-2025-24513 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 4.8).\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043e\u0431\u0449\u0435\u0435 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 IngressNightmare. Wiz \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c \u043e \u043d\u0430\u0445\u043e\u0434\u043a\u0435 \u0432 \u043a\u043e\u043d\u0446\u0435 2024 \u0433\u043e\u0434\u0430. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b 10 \u043c\u0430\u0440\u0442\u0430 2025 \u0433\u043e\u0434\u0430, \u043d\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u043b\u0438\u0441\u044c. 
\u0423\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Ingress-Nginx \u2014 1.12.1 \u0438 1.11.5 \u2014 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0440\u0438\u0441\u043a, \u0447\u0442\u043e \u043d\u0435 \u0432\u0441\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u0432\u043e\u0432\u0440\u0435\u043c\u044f \u043e\u0431\u043d\u043e\u0432\u044f\u0442 \u0441\u0432\u043e\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u044b. Kubernetes \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0445\u043e\u0441\u0442\u0438\u043d\u0433\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u044b\u0445 \u0431\u0438\u0437\u043d\u0435\u0441-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u043c\u043e\u0436\u0435\u0442 \u043e\u043a\u0430\u0437\u0430\u0442\u044c\u0441\u044f \u043d\u0435\u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u0437\u0430\u0434\u0430\u0447\u0435\u0439. 
\u0412 \u0442\u0430\u043a\u0438\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 Wiz \u0441\u043e\u0432\u0435\u0442\u0443\u0435\u0442 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 admission controller \u0438\u043b\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u043a \u043d\u0435\u043c\u0443 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f, \u0440\u0430\u0437\u0440\u0435\u0448\u0438\u0432 \u0435\u0433\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b Kubernetes API Server.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-03-25T10:16:07.000000Z"}, {"uuid": "3942cba4-dfcf-4aa5-8541-d53a2ed80235", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "published-proof-of-concept", "source": "Telegram/otAoaF9HglqRlYurEeGfVVpj7vUDLPFmRTv87nx_aQ9uiE0", "content": "", "creation_timestamp": "2025-03-27T04:00:06.000000Z"}, {"uuid": "58fac56d-d384-4b76-9fdd-e263b9402b1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://t.me/cvedetector/21020", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-1098 - Kubernetes Ingress-Nginx Arbitrary Code Execution and Secret Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-1098 \nPublished : March 25, 2025, 12:15 a.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : A security issue was discovered in  ingress-nginx   where the `mirror-target` and `mirror-host` Ingress annotations can be used to inject arbitrary configuration into nginx. 
This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T02:46:09.000000Z"}, {"uuid": "a8f52389-77a3-4f34-875b-e3b3199e5dc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "Telegram/QMJRspa-u4nazI8zKkYrcrzsCPEt_TjOqyMhuWOLygoVcg", "content": "", "creation_timestamp": "2025-03-25T01:46:01.000000Z"}, {"uuid": "ac90b88a-07d8-45e5-b315-245d52f92100", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/15432", "content": "\ud83d\udea8PoC Code to Exploit the IngressNightmare Vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974)\n\nhttps://darkwebinformer.com/poc-code-to-exploit-the-ingressnightmare-vulnerabilities-cve-2025-1097-cve-2025-1098-cve-2025-24514-and-cve-2025-1974/", "creation_timestamp": "2025-03-27T21:03:44.000000Z"}, {"uuid": "3105c6a9-1b8b-4a59-9f2f-5d0b6a0a97a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://t.me/bizone_channel/1794", "content": "\ud83e\udd65 BI.Z\u041eNE WAF \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u0442 \u043e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Kubernetes \u2014 Ingress Nightmare\n\n\u041d\u0430\u0439\u0434\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 ingress-\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430\u0445 \u0434\u043b\u044f Kubernetes, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442 \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u043c\u00a0\u0432 \u043a\u043b\u0430\u0441\u0442\u0435\u0440 \u0442\u0440\u0430\u0444\u0438\u043a\u043e\u043c. \u041d\u0435\u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043e\u043d\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 Ingress Nightmare.\n\nCVE-2025-1974, \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u044e\u0449\u0443\u044e \u043f\u0435\u0440\u0432\u0438\u0447\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f, \u043e\u0446\u0435\u043d\u0438\u043b\u0438 \u0432 9,8 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS. 
\u0422\u0430\u043a\u0436\u0435 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u0435\u043c \u0432\u0435\u043a\u0442\u043e\u0440\u0430 \u0430\u0442\u0430\u043a\u0438: CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098.\u00a0\n\n\u041f\u0435\u0440\u0432\u0438\u0447\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0432 Ingress NGINX Controller, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0435\u043c NGINX \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0438 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0430 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438. 
\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043a\u0440\u043e\u0435\u0442\u0441\u044f \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Kubernetes Admission Controllers \u2014 \u044d\u0442\u043e \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0442\u0432\u0435\u0447\u0430\u0435\u0442 \u0437\u0430 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0443 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043a API-\u0441\u0435\u0440\u0432\u0435\u0440\u0443 Kubernetes.\u00a0\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2025-1974 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043c\u0438\u043d\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0441\u0435\u0442\u0438 \u043e\u0431\u0440\u0430\u0442\u0438\u0442\u044c\u0441\u044f \u043a \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 Ingress Nginx \u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 (RCE) \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u0430 AdmissionReview.\u00a0\n\n\u041f\u043e \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b BI.Z\u041eNE WAF, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u0440\u044f\u0434\u043a\u0430 43% \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u0439 
\u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b.\u00a0\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 ingress-nginx v1.11.5 \u0438 1.12.1.\n\n\u0415\u0441\u043b\u0438 \u0432\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u041f\u041e, \u043e\u0442 CVE-2025-1974 \u043f\u043e\u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c\u0441\u044f BI.ZONE WAF.\u00a0\u0420\u0435\u0448\u0435\u043d\u0438\u0435 \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u043e\u0431\u0440\u0430\u0449\u0435\u043d\u0438\u0439 AdmissionReview, \u0447\u0442\u043e \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043f\u0435\u0440\u0432\u0438\u0447\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0438 \u043d\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0440\u0430\u0437\u0432\u0438\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443 \u0434\u0430\u043b\u044c\u0448\u0435.\n\n\u0422\u0430\u043a\u0436\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u044b \u0432 BI.ZONE CPT.", "creation_timestamp": "2025-03-28T15:08:59.000000Z"}, {"uuid": "262a6970-d8bc-431f-b73a-385d6fda4fc9", 
"vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://t.me/true_secator/6873", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Wiz \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0435 Ingress NGINX \u0434\u043b\u044f Kubernetes, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044e\u0442 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u044b \u0440\u0438\u0441\u043a\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u0437\u043b\u043e\u043c\u0430.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043e\u0442\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a CVE CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 \u0438 CVE-2025-1974 \u0438 \u0432 \u0441\u043e\u0432\u043e\u043a\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043e\u0431\u0449\u0435\u0435 \u043d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 IngressNightmare, \u0432\u043b\u0438\u044f\u044f \u043d\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 Ingress NGINX, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0430 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0438 
\u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430.\n\n\u041f\u0440\u0438 \u0442\u043e\u043c, \u0447\u0442\u043e Ingress-NGINX - \u044d\u0442\u043e \u043e\u0434\u0438\u043d \u0438\u0437 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043d\u044b\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u043d\u0435\u0448\u043d\u0435\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c Kubernetes.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Wiz, 41% \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432, \u0432\u044b\u0445\u043e\u0434\u044f\u0449\u0438\u0445 \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 Ingress NGINX.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, 43% \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0441\u0440\u0435\u0434 \u0438\u043c\u0435\u044e\u0442 \u043f\u043e \u043a\u0440\u0430\u0439\u043d\u0435\u0439 \u043c\u0435\u0440\u0435 \u043e\u0434\u0438\u043d \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440, \u0430 6500 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0435, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c \u0438\u0437 \u0441\u043f\u0438\u0441\u043a\u0430 Fortune 500, 
\u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0432\u044b\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442.\n\nIngressNightmare \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442 \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u0435 \u043e\u0431\u044a\u0435\u043a\u0442\u044b \u0432\u0445\u043e\u0434\u0430 \u043f\u0435\u0440\u0435\u0434 \u0438\u0445 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435\u043c.\n\n\u0420\u0438\u0441\u043a \u0430\u0442\u0430\u043a \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u0438\u0437-\u0437\u0430 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u043f\u043e \u0441\u0435\u0442\u0438 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\u00a0\n\n\u041a\u043e\u0433\u0434\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u0434\u043e\u043f\u0443\u0441\u043a\u0430 Ingress-NGINX \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u0439 \u043e\u0431\u044a\u0435\u043a\u0442 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430, \u043e\u043d \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u0438\u0437 \u043d\u0435\u0433\u043e 
\u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e NGINX, \u0430 \u0437\u0430\u0442\u0435\u043c \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442 \u0435\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0434\u0432\u043e\u0438\u0447\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 NGINX.\n\n\u041a\u043e\u043c\u0430\u043d\u0434\u0430 Wiz \u0437\u0430\u043c\u0435\u0442\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u043c\u0435\u043d\u043d\u043e \u043d\u0430 \u044d\u0442\u043e\u043c \u044d\u0442\u0430\u043f\u0435, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u0443\u044e \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e NGINX, \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043e\u0431\u044a\u0435\u043a\u0442 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0447\u0435\u0440\u0435\u0437 \u0441\u0435\u0442\u044c.\n\n\u041d\u0430 \u044d\u0442\u0430\u043f\u0435 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u043d\u0430\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f NGINX \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0432\u0430\u043b\u0438\u0434\u0430\u0442\u043e\u0440 NGINX 
\u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c RCE \u043d\u0430 \u043c\u043e\u0434\u0443\u043b\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 Ingress NGINX.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 IngressNightmare \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c \u0441\u0435\u043a\u0440\u0435\u0442\u0430\u043c, \u0445\u0440\u0430\u043d\u044f\u0449\u0438\u043c\u0441\u044f \u0432\u043e \u0432\u0441\u0435\u0445 \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430\u0445 \u0438\u043c\u0435\u043d, \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0446\u0435\u043b\u0435\u0432\u044b\u043c \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u043c Kubernetes.\n\nIngress NGINX - \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0439 \u043a\u0440\u0443\u043f\u043d\u0435\u0439\u0448\u0438\u043c\u0438 \u043c\u0438\u0440\u043e\u0432\u044b\u043c\u0438 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u044f\u043c\u0438 \u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c\u0438 - \u043e\u0442 
\u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439 \u0418\u0418 \u0434\u043e \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0446\u0438\u0439 \u0438\u0437 \u0441\u043f\u0438\u0441\u043a\u0430 Fortune 500, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0433\u0438\u043f\u043e\u0442\u0435\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u043c\u0438.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 Kubernetes \u0441\u043b\u0443\u0436\u0438\u0442 \u043e\u0441\u043d\u043e\u0432\u043e\u0439 \u0432\u0441\u0435\u0445 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0441\u0440\u0435\u0434, \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0437\u0430\u0445\u0432\u0430\u0442\u0430 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u0432, \u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430 \u043f\u043e\u044f\u0432\u0438\u0442\u0441\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u043c \u0438 \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u0445.\n\n\u041f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u043f\u043e \u0441\u0443\u0442\u0438 \u0431\u0435\u0437\u0433\u0440\u0430\u043d\u0438\u0447\u043d\u044b.\n\nWiz \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e \u0441\u0432\u043e\u0438\u0445 \u0432\u044b\u0432\u043e\u0434\u0430\u0445 Kubernetes \u0432 \u043a\u043e\u043d\u0446\u0435 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430 \u0438 
\u044f\u043d\u0432\u0430\u0440\u0435 2025 \u0433\u043e\u0434\u0430. \n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Ingress NGINX Controller 1.12.1 \u0438 1.11.5, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u044b\u0448\u043b\u0438 \u0432 \u043f\u043e\u043d\u0435\u0434\u0435\u043b\u044c\u043d\u0438\u043a.\u00a0\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0438\u043b\u0438 \u0436\u0435 \u0441\u043d\u0438\u0437\u0438\u0442\u044c \u0440\u0438\u0441\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043c\u0435\u0440 \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u043c \u0434\u043e\u043f\u0443\u0441\u043a\u0430: \u043b\u0438\u0431\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0432 \u0435\u0433\u043e, \u043b\u0438\u0431\u043e \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043d\u0435\u043c\u0443 \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c API Kubernetes.\n\nKubernetes, Google Cloud \u0438 Microsoft \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0441\u0432\u043e\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c IngressNightmare\u00a0(1, 2 \u0438 3 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e).", "creation_timestamp": "2025-03-26T10:39:04.000000Z"}, {"uuid": "6588f80e-bf35-4b0f-8563-25083c1d1bcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "published-proof-of-concept", "source": "Telegram/qtf5UlSjl8ansax6HEFOWjNwUYd29vo_Y6ok0vpVyjxeaHc", "content": "", "creation_timestamp": "2025-03-30T17:00:07.000000Z"}, {"uuid": "b0912f4f-e81d-4c6e-aa73-29ef9c06ec29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-1098", "type": "seen", "source": "https://t.me/cultofwire/1333", "content": "Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication\n\n\u041d\u0430\u0447\u043d\u0438\u0442\u0435 \u0441\u0432\u043e\u0451 \u0443\u0442\u0440\u043e \u0441 \u0447\u0430\u0448\u043a\u0438 \u043a\u0440\u0435\u043f\u043a\u043e\u0433\u043e CVSS 9.8 \u0432 Ingress NGINX Controller \u0434\u043b\u044f Kubernetes.\n\n\u041d\u0430\u0431\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098 \u0438 CVE-2025-1974) \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043e\u0431\u0449\u0435\u0435 \u043a\u043e\u0434\u043e\u0432\u043e\u0435 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 IngressNightmare. 
\u0421\u0442\u043e\u0438\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u044d\u0442\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u043d\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 NGINX Ingress Controller, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0435\u0449\u0435 \u043e\u0434\u043d\u043e\u0439 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 Ingress \u0434\u043b\u044f NGINX \u0438 NGINX Plus.\n\n\u041a\u043e\u0440\u043e\u0442\u043a\u043e \u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445:\n- CVE-2025-24513 (CVSS: 4,8) \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a directory traversal \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DoS) \u0438\u043b\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u043c\u0443 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0441\u0435\u043a\u0440\u0435\u0442\u043d\u044b\u0445 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432 \u0438\u0437 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430 \u0432 \u0441\u043e\u0447\u0435\u0442\u0430\u043d\u0438\u0438 \u0441 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 
\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438.\n- CVE-2025-24514 (CVSS: 8,8) \u2014 \u0430\u043d\u043d\u043e\u0442\u0430\u0446\u0438\u044f Ingress auth-url \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432 NGINX, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 ingress-nginx \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443.\n- CVE-2025-1097 (CVSS: 8,8) \u2014 \u0430\u043d\u043d\u043e\u0442\u0430\u0446\u0438\u044f Ingress auth-tls-match-cn \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432 NGINX, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 ingress-nginx \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432, 
\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443.\n- CVE-2025-1098 (CVSS: 8,8) \u2014 \u0430\u043d\u043d\u043e\u0442\u0430\u0446\u0438\u0438 Mirror-Target \u0438 Mirror-Host Ingress \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432 NGINX, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 Ingress-nginx \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443.\n- CVE-2025-1974 (CVSS: 9,8) \u2014 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0438\u043c\u0435\u044e\u0449\u0438\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0442\u0438 \u043c\u043e\u0434\u0443\u043b\u0435\u0439, \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 ingress-nginx \u043f\u0440\u0438 
\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\nWiz \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u0443\u044e \u0441\u0442\u0430\u0442\u044c\u044e IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX \u0441 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u043c \u0440\u0430\u0431\u043e\u0442\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0430 \u0442\u0430\u043a \u0436\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u043c \u0434\u0435\u0442\u0435\u043a\u0442\u0430 \u0438 \u043c\u0438\u0442\u0438\u0433\u0430\u0446\u0438\u0438.", "creation_timestamp": "2025-03-25T07:19:59.000000Z"}]}