CNNVD-202512-3282 Information

Dec 17, 2025 cve

CNNVD ID

CNNVD-202512-3282

CVE-2025-14727

  • CNNVD Published: 2025-12-17

Description (Chinese)

F5 NGINX Ingress Controller是美国F5公司的一个流量管理解决方案,适用于 Kubernetes 和容器化环境中的云原生应用。 F5 NGINX Ingress Controller存在路径遍历漏洞,该漏洞源于nginx.org/rewrite-target注解验证不当。

Description (English)

F5 NGINX Insurance Contractor is a flow-management solution for U.S. F5 that applies to clouds in Kubernetes and containerized environments. F5 NGINX Ingress Contractor has a loophole in its path, which stems from the incorrect authentication of nginx.org/rewrite-target notes.

Hazard Level

Medium

Vulnerability Type

路径遍历

Affected Vendor

F5

Published

2025-12-17

Last Modified

2026-02-24

References

https://my.f5.com/manage/s/article/K000158176

Patch

https://my.f5.com/manage/s/article/K000158176

Share on: