{"id":"GO-2026-4796","summary":"ingress-nginx comment-based nginx configuration injection in k8s.io/ingress-nginx","details":"ingress-nginx comment-based nginx configuration injection in k8s.io/ingress-nginx","aliases":["BIT-nginx-ingress-controller-2026-4342","CVE-2026-4342","GHSA-f53h-mxv9-cp98"],"modified":"2026-03-23T18:56:09.398085Z","published":"2026-03-23T18:16:14Z","database_specific":{"review_status":"UNREVIEWED","url":"https://pkg.go.dev/vuln/GO-2026-4796"},"references":[{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-f53h-mxv9-cp98"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-4342"},{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2026/03/19/9"},{"type":"WEB","url":"https://github.com/kubernetes/ingress-nginx/commit/5183b7d861377a9a2f6d2acaf44f8f6abd5cd0aa"},{"type":"WEB","url":"https://github.com/kubernetes/kubernetes/issues/137893"}],"affected":[{"package":{"name":"k8s.io/ingress-nginx","ecosystem":"Go","purl":"pkg:golang/k8s.io/ingress-nginx"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"0.0.0-20260319175635-5183b7d86137"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2026-4796.json"}}],"schema_version":"1.7.5"}