Is this project susceptible to cve-2025-1974 #7558
-
|
The kubernetes nginx-ingress project just published patches for a critical vulnerability. Does this vulnerability exist in this codebase as well and what is the timeline for a fix? |
Beta Was this translation helpful? Give feedback.
Replies: 3 comments 1 reply
-
|
My understanding is that the issue is limited to Kubernetes' nginx-ingress project, and is related to their Admission Controller functionality when an attacker has access to it.
That said... I too would appreciate an official statement on this to be certain |
Beta Was this translation helpful? Give feedback.
-
|
This is my understanding as well. This project doesn't appear to have admission controllers, but I also don't quite have my head wrapped around what those are and how they work, so my confidence isn't as high as I would like. |
Beta Was this translation helpful? Give feedback.
-
|
I emailed F5, and they pointed me here. They say:
|
Beta Was this translation helpful? Give feedback.
-
|
Closing this as it has been answered, Thanks @kyrofa ! |
Beta Was this translation helpful? Give feedback.
I emailed F5, and they pointed me here. They say: