{"vulnerability": "CVE-2025-24513", "sightings": [{"uuid": "f39a1f4b-169d-48ad-b8ce-f06413d009a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-feeb6c24-c70747e08b7ea0ca", "content": "", "creation_timestamp": "2025-03-31T15:55:24.705075Z"}, {"uuid": "dfb14d40-986e-4eb6-a5a7-327d465aee47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-feeb6c24-c70747e08b7ea0ca", "content": "", "creation_timestamp": "2025-03-31T15:55:24.686691Z"}, {"uuid": "964ac903-46b6-45f9-b14e-02f5515bde1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://bsky.app/profile/letsconvert.bsky.social/post/3ll7hxjmgjj2r", "content": "", "creation_timestamp": "2025-03-25T14:24:38.767581Z"}, {"uuid": "894c97f2-b934-4a4d-966f-d44cee568abc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://bsky.app/profile/buzzleaktv.bsky.social/post/3llbt7nbtgw2u", "content": "", "creation_timestamp": "2025-03-26T12:51:21.078084Z"}, {"uuid": "786f4fbb-200c-489a-ace7-d7c2c3fb13eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3ll7jjzlnne2b", "content": "", "creation_timestamp": "2025-03-25T14:52:52.713296Z"}, {"uuid": "2e1f41f1-c6e1-4c8b-90b9-fc37c16f1596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://bsky.app/profile/lookitup.baby/post/3ll5qr5t6uk2k", "content": "", "creation_timestamp": "2025-03-24T21:56:48.438264Z"}, {"uuid": "ca25a69a-9052-4fab-ad12-4529ca831c36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3llam2asygc2x", "content": "", "creation_timestamp": "2025-03-26T01:10:24.113527Z"}, {"uuid": "fa65c4b6-e1b0-40ff-b8c4-4fc0725f79aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://bsky.app/profile/lookitup.baby/post/3ll5qysdxh22k", "content": "", "creation_timestamp": "2025-03-24T22:01:06.330362Z"}, {"uuid": "64e69286-2792-42bc-8aca-d09543b9f84e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://bsky.app/profile/chrisshort.net/post/3llecscyqv62j", "content": "", "creation_timestamp": "2025-03-27T12:35:33.294519Z"}, {"uuid": "caa73226-b4d5-4927-b213-8375d9f32c8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/114219932988801200", "content": "", "creation_timestamp": "2025-03-24T23:11:08.570648Z"}, {"uuid": "51a3ccf2-e761-4524-9d9a-a71b435f7317", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3ll7niwkfd72l", "content": "", "creation_timestamp": "2025-03-25T16:03:51.272613Z"}, {"uuid": "fbfa56a1-8fe5-4afe-a7c7-0946cf82d2a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://thehackernews.com/2025/03/critical-ingress-nginx-controller.html", "content": "", "creation_timestamp": "2025-03-24T17:55:00.000000Z"}, {"uuid": "030e0056-299b-4943-b43b-1b3d55a6b487", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3ll6o7wc2ff22", "content": "", "creation_timestamp": "2025-03-25T06:44:47.356271Z"}, {"uuid": "605e9e19-6304-4c7a-b89f-56a54e5467b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3llesaz733zp2", "content": "", "creation_timestamp": "2025-03-27T17:15:03.437887Z"}, {"uuid": "1f31f8b6-7826-4f52-8f43-865e287868f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://hachyderm.io/users/ChrisShort/statuses/114259556320162403", "content": "", "creation_timestamp": "2025-03-31T23:07:49.335534Z"}, {"uuid": "592b90e9-01f8-4c4c-80b6-c8163a4e98c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://hachyderm.io/users/ChrisShort/statuses/114259556320162403", "content": "", "creation_timestamp": "2025-03-31T23:07:49.375013Z"}, {"uuid": "bc7d0718-63e7-40da-9a53-2a5d02b9653e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llj55fubcs2b", "content": "", "creation_timestamp": "2025-03-29T10:37:48.689167Z"}, {"uuid": "f7459019-112f-449c-928e-92f8b277b649", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llj55hlc2k2b", "content": "", "creation_timestamp": "2025-03-29T10:37:51.139935Z"}, {"uuid": "9d219058-4a49-4595-ae39-592fabc0bc26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llj55jd74k2b", "content": "", "creation_timestamp": "2025-03-29T10:37:53.534919Z"}, {"uuid": "b1942d4b-20e5-44c5-9887-20d1b657bedc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llj55ltcls2b", "content": "", "creation_timestamp": "2025-03-29T10:37:55.933744Z"}, {"uuid": "9282650c-8ff7-4764-84a9-d481b10ba2c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-100-05", "content": "", "creation_timestamp": "2025-04-10T10:00:00.000000Z"}, {"uuid": "78d5b241-1bea-49e8-8238-b2ce0cda06cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://bsky.app/profile/chrisshort.net/post/3llphyjrkem2k", "content": "", "creation_timestamp": "2025-03-31T23:07:47.960678Z"}, {"uuid": "755308cb-f3f7-4ab7-9fd2-1bc94637c6a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3llvxmfxpnmt2", "content": "", "creation_timestamp": "2025-04-03T13:03:32.679363Z"}, {"uuid": "6d5ccf02-7b4c-4845-9847-1a047cc8f2e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://bsky.app/profile/bluesky.awakari.com/post/3lsef4kvpke2c", "content": "", "creation_timestamp": "2025-06-24T15:13:25.469411Z"}, {"uuid": "d6f44cce-6e27-4325-9e17-b5a9804f353a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "MISP/3e4b778d-5810-4171-a915-f1d106684af4", "content": "", "creation_timestamp": "2025-08-11T18:27:48.000000Z"}, {"uuid": "cacc8f57-1123-4b71-ac4d-038e5e45699d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://www.cert.at/de/warnungen/2025/3/kubernetes-ingress-nginx-controller-vulnerabilities", "content": "", "creation_timestamp": "2025-03-26T13:31:21.000000Z"}, {"uuid": "03bdc3a1-9ed6-46c4-93f7-304fddf68fc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3mb5a3w2nv2s2", "content": "", "creation_timestamp": "2025-12-30T00:47:09.700514Z"}, {"uuid": "033efb8b-8900-4f37-a8a6-9e3f834233b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3mb5kmmjajw52", "content": "", "creation_timestamp": "2025-12-30T00:55:30.355150Z"}, {"uuid": "ed76dcd7-d3cd-4d70-8562-410552019aed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/84edafcd-42a7-4c30-96f8-87de8e73e1ab", "content": "", "creation_timestamp": "2025-03-25T10:40:57.259809Z"}, {"uuid": "331b2a54-7ea4-4e7b-a33e-dc0884ff9f81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-24513", "type": "seen", "source": "https://gist.github.com/Darkcrai86/d5391a4dc6327062b493bd576ae34de3", "content": "", "creation_timestamp": "2025-12-29T15:24:14.000000Z"}, {"uuid": "3a11d1d9-fe22-4410-9a2d-38411fcda0a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8574", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24513\n\ud83d\udd25 CVSS Score: 4.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L)\n\ud83d\udd39 Description: A security issue was discovered in  ingress-nginx https://github.com/kubernetes/ingress-nginx  where attacker-provided data are included in a filename by the ingress-nginx Admission Controller feature, resulting in directory traversal within the container. This could result in denial of service, or when combined with other vulnerabilities, limited disclosure of Secret objects from the cluster.\n\ud83d\udccf Published: 2025-03-24T23:29:25.215Z\n\ud83d\udccf Modified: 2025-03-24T23:29:25.215Z\n\ud83d\udd17 References:\n1. https://github.com/kubernetes/kubernetes/issues/131005", "creation_timestamp": "2025-03-25T00:25:17.000000Z"}, {"uuid": "cdb525d6-d031-4e97-9c97-8cb982507cbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://t.me/itsec_news/5595", "content": "\u200b\u26a1\ufe0fIngressNightmare: \u043d\u043e\u0432\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u043d\u0430 Ingress-Nginx \u0432\u0435\u0434\u0451\u0442 \u043a \u043f\u043e\u043b\u043d\u043e\u043c\u0443 \u0432\u0437\u043b\u043e\u043c\u0443 Kubernetes\n\n\ud83d\udcac \u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Wiz \u0432\u044b\u044f\u0432\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 admission controller \u0443 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 Ingress-Nginx \u0434\u043b\u044f Kubernetes. \u041e\u0448\u0438\u0431\u043a\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u043e\u043c. \u041f\u043e \u043e\u0446\u0435\u043d\u043a\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432, \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u0431\u043e\u043b\u0435\u0435 6 500 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0442\u0435, \u0447\u0442\u043e \u043f\u0440\u0438\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f\u043c \u0438\u0437 \u0441\u043f\u0438\u0441\u043a\u0430 Fortune 500.\n\nIngress-\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b \u0432 Kubernetes \u0441\u043b\u0443\u0436\u0430\u0442 \u0441\u0432\u044f\u0437\u0443\u044e\u0449\u0438\u043c \u0437\u0432\u0435\u043d\u043e\u043c \u043c\u0435\u0436\u0434\u0443 \u0432\u043d\u0435\u0448\u043d\u0438\u043c \u043c\u0438\u0440\u043e\u043c \u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438 \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430. \u041e\u043d\u0438 \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044e\u0442 ingress-\u043e\u0431\u044a\u0435\u043a\u0442\u044b \u2014 \u043f\u0440\u0430\u0432\u0438\u043b\u0430, \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u044e\u0449\u0438\u0435, \u043a\u0430\u043a\u043e\u0439 \u0432\u043d\u0435\u0448\u043d\u0438\u0439 HTTP/S-\u0442\u0440\u0430\u0444\u0438\u043a \u043a\u0443\u0434\u0430 \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d. Ingress-Nginx \u2014 \u043e\u0434\u0438\u043d \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u043e\u0432, \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043d\u0430 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0435 Nginx. \u041e\u043d \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u0440\u0435\u0432\u0440\u0430\u0449\u0430\u0435\u0442 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u0432 ingress-\u043e\u0431\u044a\u0435\u043a\u0442\u0430\u0445 \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b Nginx \u0438 \u043f\u0435\u0440\u0435\u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0442\u0440\u0430\u0444\u0438\u043a \u0432 \u043d\u0443\u0436\u043d\u044b\u0435 \u0441\u0435\u0440\u0432\u0438\u0441\u044b.\n\n\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0442\u0435\u043c, \u043a\u0430\u043a Ingress-Nginx \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442 \u0442\u0430\u043a\u0438\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438. \u041e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u0437\u0430 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f admission controller. \u041f\u0440\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0438 ingress-\u043e\u0431\u044a\u0435\u043a\u0442\u0430 \u043e\u043d \u0433\u0435\u043d\u0435\u0440\u0438\u0440\u0443\u0435\u0442 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e Nginx \u0438 \u043f\u0435\u0440\u0435\u0434\u0430\u0451\u0442 \u0435\u0451 \u0434\u043b\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0431\u0438\u043d\u0430\u0440\u043d\u043e\u043c\u0443 \u0432\u0430\u043b\u0438\u0434\u0430\u0442\u043e\u0440\u0443. \u0418\u043c\u0435\u043d\u043d\u043e \u0437\u0434\u0435\u0441\u044c \u0438 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0430: \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0443\u044e \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u0443\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043f\u0440\u044f\u043c\u043e \u0432\u043d\u0443\u0442\u0440\u0438 \u043f\u043e\u0434\u0430, \u0433\u0434\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440.\n\n\u041e\u0441\u043e\u0431\u0443\u044e \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0442\u043e, \u0447\u0442\u043e admission controller \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0438\u043c\u0435\u0435\u0442 \u0448\u0438\u0440\u043e\u043a\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430\u043c \u0438\u043c\u0435\u043d (namespace) \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430. \u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0445\u0430\u043a\u0435\u0440\u0443 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u043a\u043e\u0434, \u043d\u043e \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a\u043e \u0432\u0441\u0435\u043c \u0441\u0435\u043a\u0440\u0435\u0442\u0430\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u2014 CVE-2025-1974 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.8). \u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0435 \u0447\u0435\u0440\u0435\u0437 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043e\u0444\u043e\u0440\u043c\u043b\u0435\u043d\u043d\u044b\u0439 ingress-\u043e\u0431\u044a\u0435\u043a\u0442. \u041e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u2014 CVE-2025-1097 , CVE-2025-1098 \u0438 CVE-2025-24514 \u2014 \u0438\u043c\u0435\u044e\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS: 8.8 \u0431\u0430\u043b\u043b\u043e\u0432. \u0421\u0430\u043c\u0430\u044f \u00ab\u043b\u0451\u0433\u043a\u0430\u044f\u00bb \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u2014 CVE-2025-24513 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 4.8).\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043e\u0431\u0449\u0435\u0435 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 IngressNightmare. Wiz \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c \u043e \u043d\u0430\u0445\u043e\u0434\u043a\u0435 \u0432 \u043a\u043e\u043d\u0446\u0435 2024 \u0433\u043e\u0434\u0430. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b 10 \u043c\u0430\u0440\u0442\u0430 2025 \u0433\u043e\u0434\u0430, \u043d\u043e \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043d\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u043b\u0438\u0441\u044c. \u0423\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 Ingress-Nginx \u2014 1.12.1 \u0438 1.11.5 \u2014 \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0440\u0438\u0441\u043a, \u0447\u0442\u043e \u043d\u0435 \u0432\u0441\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u0432\u043e\u0432\u0440\u0435\u043c\u044f \u043e\u0431\u043d\u043e\u0432\u044f\u0442 \u0441\u0432\u043e\u0438 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u044b. Kubernetes \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0445\u043e\u0441\u0442\u0438\u043d\u0433\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u044b\u0445 \u0431\u0438\u0437\u043d\u0435\u0441-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 \u043c\u043e\u0436\u0435\u0442 \u043e\u043a\u0430\u0437\u0430\u0442\u044c\u0441\u044f \u043d\u0435\u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u0437\u0430\u0434\u0430\u0447\u0435\u0439. \u0412 \u0442\u0430\u043a\u0438\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445 Wiz \u0441\u043e\u0432\u0435\u0442\u0443\u0435\u0442 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 admission controller \u0438\u043b\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u043a \u043d\u0435\u043c\u0443 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f, \u0440\u0430\u0437\u0440\u0435\u0448\u0438\u0432 \u0435\u0433\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b Kubernetes API Server.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-03-25T10:16:07.000000Z"}, {"uuid": "990f2830-7382-4d4a-8e7a-7f3ec1486805", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://t.me/bizone_channel/1794", "content": "\ud83e\udd65 BI.Z\u041eNE WAF \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u0442 \u043e\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Kubernetes \u2014 Ingress Nightmare\n\n\u041d\u0430\u0439\u0434\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 ingress-\u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430\u0445 \u0434\u043b\u044f Kubernetes, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442 \u0432\u0445\u043e\u0434\u044f\u0449\u0438\u043c\u00a0\u0432 \u043a\u043b\u0430\u0441\u0442\u0435\u0440 \u0442\u0440\u0430\u0444\u0438\u043a\u043e\u043c. \u041d\u0435\u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043e\u043d\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 Ingress Nightmare.\n\nCVE-2025-1974, \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u044e\u0449\u0443\u044e \u043f\u0435\u0440\u0432\u0438\u0447\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f, \u043e\u0446\u0435\u043d\u0438\u043b\u0438 \u0432 9,8 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS. \u0422\u0430\u043a\u0436\u0435 \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u0435\u043c \u0432\u0435\u043a\u0442\u043e\u0440\u0430 \u0430\u0442\u0430\u043a\u0438: CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098.\u00a0\n\n\u041f\u0435\u0440\u0432\u0438\u0447\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0432 Ingress NGINX Controller, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0435\u043c NGINX \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0431\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u043a\u0441\u0438-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0438 \u0431\u0430\u043b\u0430\u043d\u0441\u0438\u0440\u043e\u0432\u0449\u0438\u043a\u0430 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043a\u0440\u043e\u0435\u0442\u0441\u044f \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Kubernetes Admission Controllers \u2014 \u044d\u0442\u043e \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0442\u0432\u0435\u0447\u0430\u0435\u0442 \u0437\u0430 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0443 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u043a API-\u0441\u0435\u0440\u0432\u0435\u0440\u0443 Kubernetes.\u00a0\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2025-1974 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043c\u0438\u043d\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u0441\u0435\u0442\u0438 \u043e\u0431\u0440\u0430\u0442\u0438\u0442\u044c\u0441\u044f \u043a \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 Ingress Nginx \u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 (RCE) \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u0430 AdmissionReview.\u00a0\n\n\u041f\u043e \u0441\u0442\u0430\u0442\u0438\u0441\u0442\u0438\u043a\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b BI.Z\u041eNE WAF, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u043e\u0440\u044f\u0434\u043a\u0430 43% \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b.\u00a0\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 ingress-nginx v1.11.5 \u0438 1.12.1.\n\n\u0415\u0441\u043b\u0438 \u0432\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u041f\u041e, \u043e\u0442 CVE-2025-1974 \u043f\u043e\u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0449\u0438\u0442\u0438\u0442\u044c\u0441\u044f BI.ZONE WAF.\u00a0\u0420\u0435\u0448\u0435\u043d\u0438\u0435 \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u043e\u0431\u0440\u0430\u0449\u0435\u043d\u0438\u0439 AdmissionReview, \u0447\u0442\u043e \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043f\u0435\u0440\u0432\u0438\u0447\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u0438 \u043d\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0440\u0430\u0437\u0432\u0438\u0432\u0430\u0442\u044c \u0430\u0442\u0430\u043a\u0443 \u0434\u0430\u043b\u044c\u0448\u0435.\n\n\u0422\u0430\u043a\u0436\u0435 \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0433\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u044b \u0432 BI.ZONE CPT.", "creation_timestamp": "2025-03-28T15:08:59.000000Z"}, {"uuid": "742e9b8c-c95b-4c77-af91-898ad6d19b5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://t.me/cvedetector/21022", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24513 - Kubernetes Ingress-Nginx Directory Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24513 \nPublished : March 25, 2025, 12:15 a.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : A security issue was discovered in  ingress-nginx   where attacker-provided data are included in a filename by the ingress-nginx Admission Controller feature, resulting in directory traversal within the container. This could result in denial of service, or when combined with other vulnerabilities, limited disclosure of Secret objects from the cluster. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T02:46:10.000000Z"}, {"uuid": "ac2f2ec1-e3d8-47d9-bb09-765aaacb7371", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "https://t.me/cultofwire/1333", "content": "Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication\n\n\u041d\u0430\u0447\u043d\u0438\u0442\u0435 \u0441\u0432\u043e\u0451 \u0443\u0442\u0440\u043e \u0441 \u0447\u0430\u0448\u043a\u0438 \u043a\u0440\u0435\u043f\u043a\u043e\u0433\u043e CVSS 9.8 \u0432 Ingress NGINX Controller \u0434\u043b\u044f Kubernetes.\n\n\u041d\u0430\u0431\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098 \u0438 CVE-2025-1974) \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043e\u0431\u0449\u0435\u0435 \u043a\u043e\u0434\u043e\u0432\u043e\u0435 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 IngressNightmare. \u0421\u0442\u043e\u0438\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u044d\u0442\u0438 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u043d\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 NGINX Ingress Controller, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0435\u0449\u0435 \u043e\u0434\u043d\u043e\u0439 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 Ingress \u0434\u043b\u044f NGINX \u0438 NGINX Plus.\n\n\u041a\u043e\u0440\u043e\u0442\u043a\u043e \u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445:\n- CVE-2025-24513 (CVSS: 4,8) \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a directory traversal \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DoS) \u0438\u043b\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u043c\u0443 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0441\u0435\u043a\u0440\u0435\u0442\u043d\u044b\u0445 \u043e\u0431\u044a\u0435\u043a\u0442\u043e\u0432 \u0438\u0437 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430 \u0432 \u0441\u043e\u0447\u0435\u0442\u0430\u043d\u0438\u0438 \u0441 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438.\n- CVE-2025-24514 (CVSS: 8,8) \u2014 \u0430\u043d\u043d\u043e\u0442\u0430\u0446\u0438\u044f Ingress auth-url \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432 NGINX, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 ingress-nginx \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443.\n- CVE-2025-1097 (CVSS: 8,8) \u2014 \u0430\u043d\u043d\u043e\u0442\u0430\u0446\u0438\u044f Ingress auth-tls-match-cn \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432 NGINX, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 ingress-nginx \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443.\n- CVE-2025-1098 (CVSS: 8,8) \u2014 \u0430\u043d\u043d\u043e\u0442\u0430\u0446\u0438\u0438 Mirror-Target \u0438 Mirror-Host Ingress \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0432 NGINX, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 Ingress-nginx \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0443.\n- CVE-2025-1974 (CVSS: 9,8) \u2014 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u0438\u043c\u0435\u044e\u0449\u0438\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0442\u0438 \u043c\u043e\u0434\u0443\u043b\u0435\u0439, \u043c\u043e\u0436\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u0435 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u0430 ingress-nginx \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445.\n\nWiz \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u0443\u044e \u0441\u0442\u0430\u0442\u044c\u044e IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX \u0441 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u043c \u0440\u0430\u0431\u043e\u0442\u044b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0430 \u0442\u0430\u043a \u0436\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u043e\u043c \u0434\u0435\u0442\u0435\u043a\u0442\u0430 \u0438 \u043c\u0438\u0442\u0438\u0433\u0430\u0446\u0438\u0438.", "creation_timestamp": "2025-03-25T07:19:59.000000Z"}, {"uuid": "46077f42-0ce6-4a40-9efd-6fa95d653fae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24513", "type": "seen", "source": "Telegram/QMJRspa-u4nazI8zKkYrcrzsCPEt_TjOqyMhuWOLygoVcg", "content": "", "creation_timestamp": "2025-03-25T01:46:01.000000Z"}]}