Home / Security updates / Critical Kubernetes ‘IngressNightmare’ Vulnerabilities Notification
Critical Kubernetes ‘IngressNightmare’ Vulnerabilities Notification
Security updates detail rendered from /security-updates/upd_9e2d7d7d7e9922d9.
Overview
| ID | upd_9e2d7d7d7e9922d9 |
| Collection | Security Updates |
| Provider | SafeBase |
| Company | Delinea |
| URL | - |
| Counts | - |
| Updated | - |
Raw record
| Field | Value |
|---|---|
| id | upd_9e2d7d7d7e9922d9 |
| providerId | safebase |
| organizationId | org_a3ee621a755352d9 |
| trustCenterId | tc_c2a1aa0eb7eda998 |
| title | Critical Kubernetes ‘IngressNightmare’ Vulnerabilities Notification |
| message | Delinea has reviewed the critical Kubernetes vulnerabilities that were disclosed on March 25, 2025 [CVE-2025-1097](https://nvd.nist.gov/vuln/detail/CVE-2025-1097), [CVE-2025-1098](https://nvd.nist.gov/vuln/detail/CVE-2025-1098), [CVE-2025-24514](https://nvd.nist.gov/vuln/detail/CVE-2025-24514) and [CVE-2025-1974](https://nvd.nist.gov/vuln/detail/CVE-2025-1974), and has determined that they’re applicable to the Delinea Platform and Secret Server Cloud offerings. The Kubernetes clusters for both offerings do not have internet-facing admission controllers and could not have been exploited without internal access. Delinea has promptly patched and successfully tested both products offerings and, out of an abundance of caution, has examined all recent activity and determined that there are no indicators of compromise. Delinea will continue to monitor the service offerings in question and provide communication updates if new material information comes to light. If you have questions, please |
| url | - |
| publishedAt | 2025-03-25 |
| source | {
"field": "statuspage/public/compliance-update",
"category": "vulnerabilities"
} |
| company | {
"id": "org_a3ee621a755352d9",
"name": "Delinea",
"domains": [
"trust.delinea.com",
"delinea.com"
]
} |
| trust_center | {
"id": "tc_c2a1aa0eb7eda998",
"name": "Delinea",
"url": "https://trust.delinea.com",
"host": "trust.delinea.com"
} |
| provider | {
"id": "safebase",
"name": "SafeBase"
} |
| links | {
"self": "/v1/security-updates/upd_9e2d7d7d7e9922d9",
"company": "/v1/companies/org_a3ee621a755352d9",
"trust_center": "/v1/trust-centers/tc_c2a1aa0eb7eda998",
"provider": "/v1/providers/safebase"
} |
Get this page with API
Rendered from the bluedoor Trust Centers API. Reproduce it:
GET https://api.bluedoor.sh/trust-centers/v1/security-updates/upd_9e2d7d7d7e9922d9JSON