F5 Nginx Ingress Controller vulnerabilities

CVE-2026-1642 [HIGH] CWE-349 CVE-2026-1642: A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport La A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security (TLS) servers. An attacker with a man-in-the-middle (MITM) position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response from an upstream proxied server. Note:

CVE-2025-14727 [HIGH] CWE-22 CVE-2025-14727: A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVE-2024-10318 [MEDIUM] CWE-384 CVE-2024-10318: A session fixation issue was discovered in the NGINX OpenID Connect reference implementation, where A session fixation issue was discovered in the NGINX OpenID Connect reference implementation, where a nonce was not checked at login time. This flaw allows an attacker to fix a victim's session to an attacker-controlled account. As a result, although the attacker cannot log in as the victim, they can force the session to associate it with the attacke

CVE-2023-44487 [HIGH] CWE-400 CVE-2023-44487: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancell The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.

CVE-2022-41741 [HIGH] CWE-787 CVE-2022-41741: NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a spec

CVE-2022-41743 [HIGH] CWE-787 CVE-2022-41743: NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_hls_module NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_hls_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its crash or potential other impact using a specially crafted audio or video file. The issue affects only NGINX Plus when the hls directive is used in the configuration file.

CVE-2022-41742 [HIGH] CWE-787 CVE-2022-41742: NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a spe

CVE-2022-30535 [MEDIUM] CWE-20 CVE-2022-30535: In versions 2.x before 2.3.0 and all versions of 1.x, An attacker authorized to create or update ing In versions 2.x before 2.3.0 and all versions of 1.x, An attacker authorized to create or update ingress objects can obtain the secrets available to the NGINX Ingress Controller. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

CVE-2021-23055 [MEDIUM] CWE-732 CVE-2021-23055: On version 2.x before 2.0.3 and 1.x before 1.12.3, the command line restriction that controls snippe On version 2.x before 2.0.3 and 1.x before 1.12.3, the command line restriction that controls snippet use with NGINX Ingress Controller does not apply to Ingress objects. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.