Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • World
  • Users
  • Groups
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

agnos.is Forums
  1. Home
  2. Selfhosted
  3. CVE-2025-1974: vulnerabilities that could make it easy for attackers to take over your Kubernetes cluster

CVE-2025-1974: vulnerabilities that could make it easy for attackers to take over your Kubernetes cluster

Scheduled Pinned Locked Moved Selfhosted
selfhosted
4 Posts 4 Posters 0 Views
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • B This user is from outside of this forum
    B This user is from outside of this forum
    [email protected]
    wrote on last edited by
    #1

    cross-posted from: https://lemmy.world/post/27407351

    When combined with today’s other vulnerabilities, CVE-2025-1974 means that anything on the Pod network has a good chance of taking over your Kubernetes cluster, with no credentials or administrative access required.

    scrubbles@poptalk.scrubbles.techS M 2 Replies Last reply
    1
    0
    • System shared this topic on
    • B [email protected]

      cross-posted from: https://lemmy.world/post/27407351

      When combined with today’s other vulnerabilities, CVE-2025-1974 means that anything on the Pod network has a good chance of taking over your Kubernetes cluster, with no credentials or administrative access required.

      scrubbles@poptalk.scrubbles.techS This user is from outside of this forum
      scrubbles@poptalk.scrubbles.techS This user is from outside of this forum
      [email protected]
      wrote on last edited by
      #2

      Great callout, thanks for posting

      1 Reply Last reply
      0
      • B [email protected]

        cross-posted from: https://lemmy.world/post/27407351

        When combined with today’s other vulnerabilities, CVE-2025-1974 means that anything on the Pod network has a good chance of taking over your Kubernetes cluster, with no credentials or administrative access required.

        M This user is from outside of this forum
        M This user is from outside of this forum
        [email protected]
        wrote on last edited by
        #3

        Isn't this only for people running NGINX?

        I 1 Reply Last reply
        0
        • M [email protected]

          Isn't this only for people running NGINX?

          I This user is from outside of this forum
          I This user is from outside of this forum
          [email protected]
          wrote on last edited by
          #4

          Yes it's defects in the ingress-nginx controller package.

          1 Reply Last reply
          0
          • System shared this topic on
          Reply
          • Reply as topic
          Log in to reply
          • Oldest to Newest
          • Newest to Oldest
          • Most Votes

          • Login
          • Login or register to search.
          • First post
            Last post
          0
          • Categories
          • Recent
          • Tags
          • Popular
          • World
          • Users
          • Groups