{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T12:57:52.246","vulnerabilities":[{"cve":{"id":"CVE-2026-24513","sourceIdentifier":"jordan@liggitt.net","published":"2026-02-03T23:16:07.130","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A security issue was discovered in ingress-nginx where the protection afforded by the `auth-url` Ingress annotation may not be effective in the presence of a specific misconfiguration.\n\nIf the ingress-nginx controller is configured with a default custom-errors configuration that includes HTTP errors 401 or 403, and if the configured default custom-errors backend is defective and fails to respect the X-Code HTTP header, then an Ingress with the `auth-url` annotation may be accessed even when authentication fails.\n\nNote that the built-in custom-errors backend works correctly. To trigger this issue requires an administrator to specifically configure ingress-nginx with a broken external component."},{"lang":"es","value":"Se descubrió un problema de seguridad en ingress-nginx donde la protección ofrecida por la anotación Ingress 'auth-url' podría no ser efectiva en presencia de una configuración errónea específica.\n\nSi el controlador ingress-nginx está configurado con una configuración predeterminada de errores personalizados que incluye errores HTTP 401 o 403, y si el backend predeterminado de errores personalizados configurado es defectuoso y no respeta el encabezado HTTP X-Code, entonces se podría acceder a un Ingress con la anotación 'auth-url' incluso cuando la autenticación falla.\n\nTenga en cuenta que el backend de errores personalizados integrado funciona correctamente. Para activar este problema se requiere que un administrador configure específicamente ingress-nginx con un componente externo defectuoso."}],"metrics":{"cvssMetricV31":[{"source":"jordan@liggitt.net","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":3.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":1.4}]},"weaknesses":[{"source":"jordan@liggitt.net","type":"Secondary","description":[{"lang":"en","value":"CWE-754"}]}],"references":[{"url":"https://github.com/kubernetes/kubernetes/issues/136679","source":"jordan@liggitt.net"}]}}]}