是的，你没看错，这个十亿级流量入口、深受用户欢迎、无数生产集群依赖的组件，多年来维护者仅有 1-2 位，他们得利用业余时间、晚间和周末抽空修Bug，与此同时项目复杂度与安全要求却不断上升。

云安全公司 Wiz 发现了 Ingress-Nginx Controller 的准入控制器组件存在严重漏洞，可能导致 Kubernetes 集群被完全接管。据估计，互联网上超过 6,000 个部署实例正面临风险。 Kubernetes (K8s) 集群经常需要向外部开放 HTTP/S 流量，以允许外部访问其运行的应用程序。虽然将 ...

In addition to CVE-2026-24512, the other new vulnerabilities are CVE-2026-24513, considered by Meghu a low risk since an attacker needs to have a config containing specific errors to exploit, and ...

Vulnerabilities have been discovered in the Kubernetes gatekeeper platform Ingress-Nginx ahead of its planned obsolescence.

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More No doubt the new Kubernetes excitement is the Gateway API. One of the ...

SAN FRANCISCO, April 13, 2023 — ngrok, the API-first ingress-as-a-service platform, today announced the ngrok Ingress Controller for Kubernetes. Now developers can create ingress to their production ...