Best of 2025: CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare

Frequently asked questions about five vulnerabilities in the Ingress NGINX Controller for Kubernetes, collectively known as IngressNightmare.

Background

The Tenable Security Response Team (SRT) has compiled this blog to answer Frequently Asked Questions (FAQ) regarding IngressNightmare.

FAQ

What is IngressNightmare?

IngressNightmare is the name given to a series of vulnerabilities in the Ingress NGINX Controller for Kubernetes, an open source controller used for managing network traffic in Kubernetes clusters using NGINX as a reverse proxy and load balancer.

What are the vulnerabilities associated with IngressNightmare?

The following CVEs are associated with IngressNightmare:

CVE             Description                                                                                      CVSSv3
CVE-2025-1097   Ingress NGINX Controller Configuration Injection via Unsanitized auth-tls-match-cn Annotation    8.8
CVE-2025-1098   Ingress NGINX Controller Configuration Injection via Unsanitized Mirror Annotations              8.8
CVE-2025-1974   Ingress NGINX Admission Controller Remote Code Execution                                         9.8
CVE-2025-24513  Ingress NGINX Controller Auth Secret File Path Traversal Vulnerability                           4.8
CVE-2025-24514  Ingress NGINX Controller Configuration Injection via Unsanitized Auth-URL Annotation             8.8
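Three of the five CVEs above are reached through specific Ingress annotations, so a quick inventory of which Ingress objects in a cluster use those annotations is a useful first triage step. The following script is an added example, not code from Tenable or the Ingress NGINX project; it assumes the full annotation key names (nginx.ingress.kubernetes.io/auth-tls-match-cn, mirror-target, mirror-host and auth-url) and treats newlines, semicolons and braces in a value as a heuristic indicator of a malformed or tampered annotation. It reads the JSON that `kubectl get ingress -A -o json` prints; the sample input is constructed inline.

```python
import json

# Ingress NGINX annotation keys (assumed full key names; the table above names
# only the annotation families) mapped to the IngressNightmare CVE that covers them.
ANNOTATION_CVES = {
    "nginx.ingress.kubernetes.io/auth-tls-match-cn": "CVE-2025-1097",
    "nginx.ingress.kubernetes.io/mirror-target": "CVE-2025-1098",
    "nginx.ingress.kubernetes.io/mirror-host": "CVE-2025-1098",
    "nginx.ingress.kubernetes.io/auth-url": "CVE-2025-24514",
}

# Characters a legitimate URL, hostname or CN pattern should not contain; their
# presence in an annotation value is a heuristic (assumed) indicator worth review.
SUSPICIOUS = ("\n", "\r", ";", "{", "}")


def audit_ingresses(ingress_list):
    """Return one finding per annotation covered by IngressNightmare.

    ingress_list is the dict produced by `kubectl get ingress -A -o json`.
    Each finding names the Ingress, the annotation, the related CVE and whether
    the value contains characters flagged by the SUSPICIOUS heuristic.
    """
    findings = []
    for item in ingress_list.get("items", []):
        meta = item.get("metadata", {})
        ref = f"{meta.get('namespace', 'default')}/{meta.get('name', '?')}"
        for key, value in (meta.get("annotations") or {}).items():
            cve = ANNOTATION_CVES.get(key)
            if cve is None:
                continue
            suspicious = any(ch in str(value) for ch in SUSPICIOUS)
            findings.append({"ingress": ref, "annotation": key, "cve": cve,
                             "suspicious_value": suspicious})
    return findings


# Constructed sample: a benign auth-url, a mirror-target value carrying a
# semicolon and a newline, and an Ingress with no relevant annotations.
SAMPLE = json.loads("""{"items": [
 {"metadata": {"namespace": "shop", "name": "web",
   "annotations": {"nginx.ingress.kubernetes.io/auth-url": "https://auth.shop.svc/verify"}}},
 {"metadata": {"namespace": "dev", "name": "mirror",
   "annotations": {"nginx.ingress.kubernetes.io/mirror-target": "http://m.dev.svc/;\\nbad"}}},
 {"metadata": {"namespace": "ops", "name": "plain",
   "annotations": {"kubernetes.io/ingress.class": "nginx"}}}
]}""")

if __name__ == "__main__":
    for finding in audit_ingresses(SAMPLE):
        print(finding)
```

A finding with suspicious_value set to False still matters: it shows where an upgrade or annotation review is needed, since the unpatched controller is the exposure, not the value.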

When was IngressNightmare first disclosed?

Public disclosure of IngressNightmare happened on March 24 when news outlets, such as
