Upstream information

CVE-2021-25742 at MITRE

Description

A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the custom snippets feature to obtain all secrets in the cluster.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having important severity.

No SUSE Bugzilla entries cross referenced.

No SUSE Security Announcements cross referenced.

List of released packages

Product(s) Fixed package version(s) References
openSUSE Tumbleweed
  • rke >= 1.3.3-1.1
Patchnames:
openSUSE-Tumbleweed-2024-11726


SUSE Timeline for this CVE

CVE page created: Thu Oct 21 20:00:02 2021
CVE page last modified: Tue Sep 3 19:19:56 2024