VDB
CGA-xfjc-qjfg-pg7c
CGA-xfjc-qjfg-pg7c
REJECTED
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Chainguard | ingress-nginx-opentelemetry-plugin-1.12 | 0, 0, 0 |
| Chainguard | ingress-nginx-controller-compat-1.12 | 0, 0, 0 |
| Chainguard | ingress-nginx-custom-error-pages-compat-1.12 | 0, 0, 0 |
| Wolfi | ingress-nginx-custom-error-pages-compat-1.12 | 0, 0, 0 |
| Wolfi | ingress-nginx-controller-1.12 | 0, 0, 0 |
| Chainguard | kube-webhook-certgen-1.12 | 0, 0, 0 |
| Wolfi | ingress-nginx-custom-error-pages-1.12 | 0, 0, 0 |
| Chainguard | ingress-nginx-custom-error-pages-1.12 | 0, 0, 0 |
| Wolfi | ingress-nginx-opentelemetry-plugin-1.12 | 0, 0, 0 |
| Wolfi | ingress-nginx-controller-bitnami-compat-1.12 | 0, 0, 0 |
| Chainguard | ingress-nginx-controller-1.12 | 0, 0, 0 |
| Chainguard | ingress-nginx-controller-bitnami-compat-1.12 | 0, 0, 0 |
| Wolfi | kube-webhook-certgen-1.12 | 0, 0, 0 |
| Wolfi | ingress-nginx-controller-compat-1.12 | 0, 0, 0 |
Exploit Intelligence
- IngressNightmare-PoC: (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974) PoC ,One-click script 。 一键脚本 (github-poc)
- This is a PoC code to exploit the IngressNightmare vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974). (github-poc)
- GHSA-823x-fv5p-h7hw.json (github-poc)
- Nuclei Template: CVE-2025-1097 (nuclei-template)
Timeline
- Jan 28, 2026 CVE Rejected