A security issue was discovered in [ingress-nginx](https://github.com/kubernetes/ingress-nginx) where the `auth-tls-match-cn` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)

Affected Packages

Go k8s.io/ingress-nginx

Affected versions: 0 (fixed in 1.11.5)

Go k8s.io/ingress-nginx

Affected versions: 1.12.0-beta.0 (fixed in 1.12.1)

Related CVEs

CVE-2025-1097

Key Information

GHSA ID

GHSA-823x-fv5p-h7hw

Published

March 25, 2025 12:30 AM

Last Modified

March 25, 2025 3:07 PM

CVSS Score

7.5 /10

Primary Ecosystem

Primary Package

k8s.io/ingress-nginx

GitHub Reviewed

✓ Yes

Dataset

Last updated: July 25, 2025 6:37 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.