/
DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2025-24513

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-24513

CGA ID

CGA-8598-h4cw-p482

Severity

Unknown

Summary

ingress-nginx controller - auth secret file path traversal vulnerability

Description

A security issue was discovered in ingress-nginx where attacker-provided data are included in a filename by the ingress-nginx Admission Controller feature, resulting in directory traversal within the container. This could result in denial of service, or when combined with other vulnerabilities, limited disclosure of Secret objects from the cluster.

References

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Products

Chainguard ContainersChainguard LibrariesChainguard VMs