CVE-2025-1974 是一个允许未经身份验证的攻击者在特定条件下访问Pod网络，并在 NGINX Ingress控制器 的上下文中执行任意代码的高危漏洞。该漏洞的CVSS评分高达9.8，属于“严重”级别。攻击者可以利用该漏洞注入恶意配置，进而实现远程代码执行（RCE），这可能导致敏感信息泄露，甚至完全控制Kubernetes集群。

Kubernetes is pulling the plug on Ingress NGINX. The popular Ingress controller will be discontinued in March 2026 due to ...

The latest trends in software development from the Computer Weekly Application Developer Network. StormForge is a cloud-native application performance testing and resource optimization company. The ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...

In this podcast, we look at the challenges for storage inherent in the very fluid requirements of containerised applications in a hybrid cloud setting. We talk about the drive towards microservices ...