VDB
GHSA-f53h-mxv9-cp98
GHSA-f53h-mxv9-cp98
PUBLISHED
CVSS 8.800000190734863 HIGH
ingress-nginx comment-based nginx configuration injection
Risk Scores
CVSS v3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| k8s.io | ingress-nginx | 0, 0, 0 |
Timeline
- Mar 20, 2026 CVE Published
- Mar 20, 2026 CVE Updated
- Apr 9, 2026 Security Advisory
References
- https://nvd.nist.gov/vuln/detail/CVE-2026-4342 advisory
- https://github.com/kubernetes/kubernetes/issues/137893 url
- https://github.com/kubernetes/ingress-nginx/commit/5183b7d861377a9a2f6d2acaf44f8f6abd5cd0aa url
- https://github.com/kubernetes/ingress-nginx package
- http://www.openwall.com/lists/oss-security/2026/03/19/9 url