Jan-Otto Kröpke

**Name of the Vulnerable Software and Affected Versions** ingress-nginx (affected versions not specified) **Description** A security issue exists in ingress-nginx where the `nginx.ingress.kubernetes.io/auth-proxy-set-headers` Ingress annotation can be used to inject configuration into nginx. This can result in arbitrary code execution within the context of the ingress-nginx controller and potential disclosure of Secrets accessible to the controller. In a default installation, the controller has access to all Secrets cluster-wide. The annotation `https://t.co/5vaSyCfUF2` is also implicated in this issue. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** ingress-nginx versions prior to v1.9.0 **Description** The issue is related to code injection via the `nginx.ingress.kubernetes.io/permanent-redirect` annotation in the ingress-nginx controller in a Kubernetes cluster. This can allow a remote attacker to inject arbitrary commands and potentially obtain the credentials of the ingress-nginx controller, which by default has access to all secrets in the cluster. **Recommendations** For versions prior to v1.9.0, update to version v1.9.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the `nginx.ingress.kubernetes.io/permanent-redirect` annotation to minimize the risk of exploitation.