GHSA-p3x5-5xpx-9phm
GitHub Security Advisory
Kubernetes ingress exposes sensitive information
✓ GitHub Reviewed
MODERATE
Has CVE
Advisory Details
Versions < 1.5 of the Kubernetes ingress default backend, which handles invalid ingress traffic, exposed prometheus metrics publicly.
Affected Packages
Go
k8s.io/ingress-nginx
Affected versions:
0
(fixed in 1.5)
Related CVEs
Key Information
5.0
/10
Dataset
Last updated: November 25, 2025 6:29 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.