Please could someone clarify if Ingress-nginx CVE-...
# harvesterb
brainy-kilobyte-33711
03/25/2025, 4:31 PMPlease could someone clarify if Ingress-nginx CVE-2025-1974 and the mitigation in https://www.suse.com/support/kb/doc/?id=000021756 should be applied to the rke2 deployed as part of harvester?
b
bland-article-62755
03/25/2025, 4:56 PMI think it's in the article you posted: `
Copy code
kubectl get pods --all-namespaces --selector <http://app.kubernetes.io/name=ingress-nginx|app.kubernetes.io/name=ingress-nginx>bland-article-62755
03/25/2025, 4:57 PMIf you have pods, you're affected.
bland-article-62755
03/25/2025, 4:57 PMI'm pretty sure it doesn't use nginx by default though
bland-article-62755
03/25/2025, 4:57 PMI think it's the k3s clusters that do
t
thousands-advantage-10804
03/25/2025, 5:00 PMI think you are going to have to wait until they upgrade harvester. this is due to how harvester boots.
b
bland-article-62755
03/25/2025, 5:00 PMMaybe I'm wrong. ¯\_(ツ)_/¯
t
thousands-advantage-10804
03/25/2025, 5:03 PMlol
b
brainy-kilobyte-33711
03/25/2025, 8:48 PM