{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-24513","assignerOrgId":"a6081bf6-c852-4425-ad4f-a67919267565","state":"PUBLISHED","assignerShortName":"kubernetes","dateReserved":"2025-01-23T00:50:17.928Z","datePublished":"2025-03-24T23:29:25.215Z","dateUpdated":"2025-11-03T21:12:43.390Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"ingress-nginx","repo":"https://github.com/kubernetes/ingress-nginx","vendor":"kubernetes","versions":[{"lessThanOrEqual":"1.11.4","status":"affected","version":"0","versionType":"semver"},{"status":"affected","version":"1.12.0"}]}],"credits":[{"lang":"en","type":"finder","value":"Nir Ohfeld"},{"lang":"en","type":"finder","value":"Ronen Shustin"}],"datePublic":"2025-03-24T19:36:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"A security issue was discovered in <a target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/kubernetes/ingress-nginx\">ingress-nginx</a> where attacker-provided data are included in a filename by the ingress-nginx Admission Controller feature, resulting in directory traversal within the container. This could result in denial of service, or when combined with other vulnerabilities, limited disclosure of Secret objects from the cluster."}],"value":"A security issue was discovered in  ingress-nginx https://github.com/kubernetes/ingress-nginx  where attacker-provided data are included in a filename by the ingress-nginx Admission Controller feature, resulting in directory traversal within the container. This could result in denial of service, or when combined with other vulnerabilities, limited disclosure of Secret objects from the cluster."}],"impacts":[{"capecId":"CAPEC-126","descriptions":[{"lang":"en","value":"CAPEC-126 Path Traversal"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"LOW","baseScore":4.8,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-20","description":"CWE-20 Improper Input Validation","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"a6081bf6-c852-4425-ad4f-a67919267565","shortName":"kubernetes","dateUpdated":"2025-03-24T23:29:25.215Z"},"references":[{"url":"https://github.com/kubernetes/kubernetes/issues/131005"}],"source":{"discovery":"EXTERNAL"},"title":"ingress-nginx controller - auth secret file path traversal vulnerability","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-03-25T13:39:36.149148Z","id":"CVE-2025-24513","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-03-25T13:39:50.057Z"}},{"title":"CVE Program Container","references":[{"url":"https://security.netapp.com/advisory/ntap-20250328-0008/"}],"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2025-11-03T21:12:43.390Z"}}]}}