VDB
GO-2026-4796
GO-2026-4796
PUBLISHED
ingress-nginx comment-based nginx configuration injection in k8s.io/ingress-nginx
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| k8s.io | ingress-nginx | 0, 0 |
Timeline
- Mar 23, 2026 CVE Published
- Mar 23, 2026 CVE Updated
- May 1, 2026 Security Advisory
References
- https://github.com/advisories/GHSA-f53h-mxv9-cp98 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-4342 advisory
- http://www.openwall.com/lists/oss-security/2026/03/19/9 url
- https://github.com/kubernetes/ingress-nginx/commit/5183b7d861377a9a2f6d2acaf44f8f6abd5cd0aa fix
- https://github.com/kubernetes/kubernetes/issues/137893 discussion