CGA-wfhh-qc8p-5g56

Published

Last updated

Package

ingress-nginx-controller-1.9

Latest Update

Not affected

Aliases

Severity

5.3

Medium

CVSS V3

Kubernetes ingress exposes sensitive information

Versions < 1.5 of the Kubernetes ingress default backend, which handles invalid ingress traffic, exposed prometheus metrics publicly.

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™