CIRT.GY | (March 20th, 2026)

(March 20th, 2026)

Ref# ADV2026_173 Kubernetes Security Advisory | Date: Mar 20th 2026

Kubernetes published a security advisory highlighting vulnerabilities in the following products on March 11th, 2026. It is recommended that you take the necessary precautions by ensuring your products are always updated.

Kubernetes ingress-nginx – versions prior to 1.13.9
Kubernetes ingress-nginx — versions prior to 1.14.5
Kubernetes ingress-nginx – versions prior to 1.15.1

For more information on these updates, you can follow these URLs:

The Guyana National CIRT recommends that users and administrators review these updates and apply them where necessary.

PDF Download: Kubernetes_Security_Advisory

References

Kubernetes – Announcements. (n.b.). Retrieved from Kubernetes. https://discuss.kubernetes.io/c/announcements/5
[Security Advisory] CVE-2026-4342: ingress-nginx comment-based nginx configuration injection. (n.b.). Retrieved from Kubernetes. https://discuss.kubernetes.io/t/security-advisory-cve-2026-4342-ingress-nginx-comment-based-nginx-configuration-injection/34349
Kubernetes security advisory. (March 19, 2026). Retrieved from Canadian Centre for Cyber Security. https://www.cyber.gc.ca/en/alerts-advisories/kubernetes-security-advisory-av26-260