Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:nginx_controller:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductNginx Controller (4f8cd77f-3256-5b4a-a6a4-34abf851aab4)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2021-23021 vulnerable 2026-06-08 05:30:02.201664 Details available
The Nginx Controller 3.x before 3.7.0 agent configuration file /etc/controller-agent/agent.conf is world readable with current permission bits set to 644.
Published: 2021-06-01T12:23:35.000Z
Updated: 2024-08-03T18:58:26.217Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-23020 vulnerable 2026-06-08 05:30:02.201343 Details available
The NAAS 3.x before 3.10.0 API keys were generated using an insecure pseudo-random string and hashing algorithm which could lead to predictable keys.
Published: 2021-06-01T12:14:39.000Z
Updated: 2024-08-03T18:58:26.279Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-23019 vulnerable 2026-06-08 05:30:02.201011 Details available
The NGINX Controller 2.0.0 thru 2.9.0 and 3.x before 3.15.0 Administrator password may be exposed in the systemd.txt file that is included in the NGINX support package.
Published: 2021-06-01T12:03:42.000Z
Updated: 2024-08-03T18:58:26.261Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-23018 vulnerable 2026-06-08 05:30:02.200069 Details available
Intra-cluster communication does not use TLS. The services within the NGINX Controller 3.x before 3.4.0 namespace are using cleartext protocols inside the cluster.
Published: 2021-06-01T11:51:20.000Z
Updated: 2024-08-03T18:58:26.256Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-5911 vulnerable 2026-06-08 05:26:44.160684 Details available
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL On Debian/Ubuntu system.
Published: 2020-07-02T12:23:40.000Z
Updated: 2024-08-04T08:47:40.918Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-5910 vulnerable 2026-06-08 05:26:44.160389 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-5909 vulnerable 2026-06-08 05:26:44.160031 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-5901 vulnerable 2026-06-08 05:26:44.139929 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-5900 vulnerable 2026-06-08 05:26:44.139630 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-5899 vulnerable 2026-06-08 05:26:44.139349 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-5895 vulnerable 2026-06-08 05:26:44.135675 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-5894 vulnerable 2026-06-08 05:26:44.135280 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-5867 vulnerable 2026-06-08 05:26:44.076432 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-5866 vulnerable 2026-06-08 05:26:44.076081 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-5865 vulnerable 2026-06-08 05:26:44.075430 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-5864 vulnerable 2026-06-08 05:26:44.074950 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-5863 vulnerable 2026-06-08 05:26:44.072123 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-27730 vulnerable 2026-06-08 05:23:53.003456 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.