CNNVD-202510-1141 Information
CNNVD ID
CNNVD-202510-1141
Related CVE
- CNNVD Published: 2025-10-08
Description (Chinese)
HAProxy Kubernetes Ingress Controller是美国HAProxy公司的一个反向代理和负载均衡工具 HAProxy Kubernetes Ingress Controller 3.1.13之前版本存在安全漏洞,该漏洞源于配置片段功能接受具有创建或更新权限用户的配置片段,可能导致获取入口令牌密钥。
Description (English)
HAProxy Kubernetes Industries Consultants is a reverse agent and load balancing tool for HAProxy in the United States There is a security loophole in the previous version of HAProxy Kubernetes Insurance Contractor 3.1.13, which stems from the fact that the configuration segment is open to a user with creation or updating permission, which may lead to the acquisition of an entry key.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
HAProxy
Published
2025-10-08
Last Modified
2026-02-24
References
https://haproxy.com/blog/cve-2025-59303-haproxy-kubernetes-ingress-controller-secret-leak https://access.redhat.com/security/cve/cve-2025-59303
Patch
https://www.haproxy.com/blog/cve-2025-59303-haproxy-kubernetes-ingress-controller-secret-leak
Share on: