CVE-2026-4342

Source
https://cve.org/CVERecord?id=CVE-2026-4342
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-4342.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-4342
Aliases
Downstream
Related
Published
2026-03-19T21:50:17.878Z
Modified
2026-07-08T08:05:13.400062699Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
ingress-nginx comment-based nginx configuration injection
Details

A security issue was discovered in ingress-nginx where a combination of Ingress annotations can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/4xxx/CVE-2026-4342.json",
    "cwe_ids": [
        "CWE-20"
    ],
    "cna_assigner": "kubernetes"
}
References

Affected packages

Git / github.com/kubernetes/ingress-nginx

Affected ranges

Type
GIT
Repo
https://github.com/kubernetes/ingress-nginx
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Introduced
Fixed
Introduced
Database specific
{
    "source": [
        "CPE_RANGE",
        "CPE_STRING"
    ],
    "cpe": [
        "cpe:2.3:a:kubernetes:nginx_ingress_controller:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:kubernetes:nginx_ingress_controller:1.15.0:*:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.13.9"
        },
        {
            "introduced": "1.14.0"
        },
        {
            "fixed": "1.14.5"
        },
        {
            "introduced": "1.15.0"
        },
        {
            "last_affected": "1.15.0"
        }
    ]
}
Type
GIT
Repo
https://github.com/kubernetes/kubernetes
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Introduced
Fixed
Introduced
Database specific
{
    "source": [
        "CPE_RANGE",
        "CPE_STRING"
    ],
    "cpe": [
        "cpe:2.3:a:kubernetes:nginx_ingress_controller:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:kubernetes:nginx_ingress_controller:1.15.0:*:*:*:*:*:*:*"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.13.9"
        },
        {
            "introduced": "1.14.0"
        },
        {
            "fixed": "1.14.5"
        },
        {
            "introduced": "1.15.0"
        },
        {
            "last_affected": "1.15.0"
        }
    ]
}

Affected versions

1.*
1.15.0
controller-v0.*
controller-v0.34.0
controller-v0.34.1
controller-v0.35.0
controller-v0.40.0
controller-v0.40.1
controller-v0.40.2
controller-v0.41.0
controller-v0.41.1
controller-v0.41.2
controller-v0.42.0
controller-v0.43.0
controller-v0.44.0
controller-v0.45.0
controller-v0.46.0
controller-v0.47.0
controller-v0.48.1
controller-v0.49.0
controller-v1.*
controller-v1.0.0
controller-v1.0.1
controller-v1.0.2
controller-v1.0.3
controller-v1.0.4
controller-v1.0.5
controller-v1.1.0
controller-v1.1.1
controller-v1.1.2
controller-v1.1.3
controller-v1.10.0
controller-v1.10.1
controller-v1.11.0
controller-v1.13.0
controller-v1.13.1
controller-v1.13.2
controller-v1.13.3
controller-v1.13.4
controller-v1.13.5
controller-v1.13.6
controller-v1.13.7
controller-v1.13.8
controller-v1.14.0
controller-v1.14.1
controller-v1.14.2
controller-v1.14.3
controller-v1.14.4
controller-v1.2.0
controller-v1.2.0-beta.0
controller-v1.2.0-beta.1
controller-v1.2.1
controller-v1.3.0
controller-v1.3.1
controller-v1.4.0
controller-v1.5.1
controller-v1.6.4
controller-v1.7.0
controller-v1.7.1
controller-v1.8.0
controller-v1.9.0-beta.0
controller-v1.9.1
controller-v1.9.3
controller-v1.9.4
controller-v1.9.5
helm-chart-3.*
helm-chart-3.16.0
helm-chart-3.16.1
helm-chart-3.17.0
helm-chart-3.18.0
helm-chart-3.19.0
helm-chart-3.20.0
helm-chart-3.20.1
helm-chart-3.21.0
helm-chart-3.22.0
helm-chart-3.23.0
helm-chart-3.24.0
helm-chart-3.25.0
helm-chart-3.26.0
helm-chart-3.27.0
helm-chart-3.28.0
helm-chart-3.29.0
helm-chart-3.30.0
helm-chart-3.31.0
helm-chart-3.32.0
helm-chart-3.33.0
helm-chart-3.34.0
helm-chart-3.35.0
helm-chart-3.36.0
helm-chart-4.*
helm-chart-4.0.1
helm-chart-4.0.10
helm-chart-4.0.11
helm-chart-4.0.12
helm-chart-4.0.13
helm-chart-4.0.15
helm-chart-4.0.16
helm-chart-4.0.17
helm-chart-4.0.18
helm-chart-4.0.19
helm-chart-4.0.2
helm-chart-4.0.3
helm-chart-4.0.4
helm-chart-4.0.5
helm-chart-4.0.6
helm-chart-4.0.7
helm-chart-4.0.8
helm-chart-4.0.9
helm-chart-4.1.0
helm-chart-4.1.0-beta.0
helm-chart-4.1.0-beta.1
helm-chart-4.1.1
helm-chart-4.1.2
helm-chart-4.1.3
helm-chart-4.1.4
helm-chart-4.10.0
helm-chart-4.11.0
helm-chart-4.13.0
helm-chart-4.13.1
helm-chart-4.13.2
helm-chart-4.13.3
helm-chart-4.13.4
helm-chart-4.13.5
helm-chart-4.13.6
helm-chart-4.13.7
helm-chart-4.13.8
helm-chart-4.14.0
helm-chart-4.14.1
helm-chart-4.14.2
helm-chart-4.14.3
helm-chart-4.14.4
helm-chart-4.2.0
helm-chart-4.2.1
helm-chart-4.2.2
helm-chart-4.2.3
helm-chart-4.2.4
helm-chart-4.2.5
helm-chart-4.3.0
helm-chart-4.4.0
helm-chart-4.4.2
helm-chart-4.5.0
helm-chart-4.5.2
helm-chart-4.6.0
helm-chart-4.6.1
helm-chart-4.7.0
helm-chart-4.7.1
helm-chart-4.7.2
helm-chart-4.8.0
helm-chart-4.8.0-beta.0
helm-chart-4.8.1
helm-chart-4.8.2
helm-chart-4.8.3
helm-chart-4.9.0
helm-chart-4.9.1
ingress-nginx-2.*
ingress-nginx-2.0.0
ingress-nginx-2.0.1
ingress-nginx-2.0.2
ingress-nginx-2.0.3
ingress-nginx-2.1.0
ingress-nginx-2.10.0
ingress-nginx-2.11.0
ingress-nginx-2.11.1
ingress-nginx-2.11.2
ingress-nginx-2.11.3
ingress-nginx-2.12.0
ingress-nginx-2.12.1
ingress-nginx-2.13.0
ingress-nginx-2.14.0
ingress-nginx-2.15.0
ingress-nginx-2.16.0
ingress-nginx-2.2.0
ingress-nginx-2.3.0
ingress-nginx-2.4.0
ingress-nginx-2.5.0
ingress-nginx-2.6.0
ingress-nginx-2.7.0
ingress-nginx-2.7.1
ingress-nginx-2.8.0
ingress-nginx-2.9.0
ingress-nginx-2.9.1
ingress-nginx-3.*
ingress-nginx-3.0.0
ingress-nginx-3.1.0
ingress-nginx-3.10.0
ingress-nginx-3.10.1
ingress-nginx-3.11.0
ingress-nginx-3.11.1
ingress-nginx-3.12.0
ingress-nginx-3.13.0
ingress-nginx-3.15.0
ingress-nginx-3.15.1
ingress-nginx-3.15.2
ingress-nginx-3.2.0
ingress-nginx-3.3.0
ingress-nginx-3.3.1
ingress-nginx-3.4.0
ingress-nginx-3.4.1
ingress-nginx-3.5.0
ingress-nginx-3.5.1
ingress-nginx-3.6.0
ingress-nginx-3.7.0
ingress-nginx-3.7.1
ingress-nginx-3.8.0
ingress-nginx-3.9.0
v0.*
v0.13.1-dev
v0.17.0
v1.*
v1.1.0-alpha.0
v1.1.0-alpha.1
v1.10.0-alpha.0
v1.10.0-alpha.1
v1.10.0-alpha.2
v1.10.0-alpha.3
v1.11.0-alpha.0
v1.11.0-alpha.1
v1.11.0-alpha.2
v1.12.0-alpha.0
v1.12.0-alpha.1
v1.13.0
v1.13.0-alpha.0
v1.13.0-alpha.1
v1.13.0-alpha.2
v1.13.0-alpha.3
v1.13.0-beta.0
v1.13.0-beta.1
v1.13.0-beta.2
v1.13.0-rc.1
v1.13.0-rc.2
v1.13.1
v1.13.1-beta.0
v1.13.2
v1.13.2-beta.0
v1.13.3
v1.13.3-beta.0
v1.13.4
v1.13.4-beta.0
v1.13.5
v1.13.5-beta.0
v1.13.6
v1.13.6-beta.0
v1.13.7
v1.13.7-beta.0
v1.13.8
v1.13.8-beta.0
v1.13.9-beta.0
v1.14.0
v1.14.0-alpha.0
v1.14.1
v1.14.1-beta.0
v1.14.2
v1.14.2-beta.0
v1.14.3
v1.14.3-beta.0
v1.14.4
v1.14.4-beta.0
v1.14.5-beta.0
v1.2.0-alpha.1
v1.2.0-alpha.2
v1.2.0-alpha.3
v1.2.0-alpha.4
v1.2.0-alpha.5
v1.2.0-alpha.6
v1.2.0-alpha.7
v1.2.0-alpha.8
v1.3.0-alpha.0
v1.3.0-alpha.1
v1.3.0-alpha.2
v1.3.0-alpha.3
v1.3.0-alpha.4
v1.3.0-alpha.5
v1.4.0-alpha.1
v1.4.0-alpha.2
v1.4.0-alpha.3
v1.5.0-alpha.0
v1.5.0-alpha.1
v1.5.0-alpha.2
v1.6.0-alpha.0
v1.6.0-alpha.1
v1.6.0-alpha.2
v1.6.0-alpha.3
v1.7.0-alpha.0
v1.7.0-alpha.1
v1.7.0-alpha.2
v1.7.0-alpha.3
v1.7.0-alpha.4
v1.8.0-alpha.0
v1.8.0-alpha.1
v1.8.0-alpha.2
v1.8.0-alpha.3
v1.9.0-alpha.0
v1.9.0-alpha.1
v1.9.0-alpha.2
v1.9.0-alpha.3

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-4342.json"