beerclue@lemmy.world to

Selfhosted@lemmy.worldEnglish · 6 days ago

CVE-2025-1974: vulnerabilities that could make it easy for attackers to take over your Kubernetes cluster

3

83

CVE-2025-1974: vulnerabilities that could make it easy for attackers to take over your Kubernetes cluster

beerclue@lemmy.world to

Selfhosted@lemmy.worldEnglish · 6 days ago

3

Ingress-nginx CVE-2025-1974: What You Need to Know

Today, the ingress-nginx maintainers have released patches for a batch of critical vulnerabilities that could make it easy for attackers to take over your Kubernetes cluster. If you are among the over 40% of Kubernetes administrators using ingress-nginx, you should take action immediately to protect your users and data. Background Ingress is the traditional Kubernetes feature for exposing your workload Pods to the world so that they can be useful. In an implementation-agnostic way, Kubernetes users can define how their applications should be made available on the network.

cross-posted from: https://lemmy.world/post/27407351

When combined with today’s other vulnerabilities, CVE-2025-1974 means that anything on the Pod network has a good chance of taking over your Kubernetes cluster, with no credentials or administrative access required.

You must log in or # to comment.

Chat

marauding_gibberish142@lemmy.dbzer0.com
link
fedilink
English
arrow-up
4·
4 days ago
Isn’t this only for people running NGINX?
- irotsoma@lemmy.blahaj.zone
  link
  fedilink
  English
  arrow-up
  3·
  4 days ago
  Yes it’s defects in the ingress-nginx controller package.
Scrubbles@poptalk.scrubbles.tech
link
fedilink
English
arrow-up
10·
5 days ago
Great callout, thanks for posting

Selfhosted@lemmy.world

selfhosted@lemmy.world

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !selfhosted@lemmy.world

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don’t control.

Rules:

Be civil: we’re here to support and learn from one another. Insults won’t be tolerated. Flame wars are frowned upon.
No spam posting.
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it’s not obvious why your post topic revolves around selfhosting, please include details to make it clear.
Don’t duplicate the full text of your blog or github here. Just post the link for folks to click.
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

1.3K users / day
3.06K users / week
7.18K users / month
7.36K users / 6 months
1 local subscriber
45.3K subscribers
859 Posts
5.46K Comments
Modlog