CVE-2025-24513

CVE Details

Visit the official vulnerability details page for CVE-2025-24513 to learn more.

Initial Publication

03/25/2025

Last Update

03/27/2025

Third Party Dependency

k8s.io/ingress-nginx

NIST CVE Summary

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where attacker-provided data are included in a filename by the ingress-nginx Admission Controller feature, resulting in directory traversal within the container. This could result in denial of service, or when combined with other vulnerabilities, limited disclosure of Secret objects from the cluster.

CVE Severity

4.8

Our Official Summary

Investigation is ongoing to determine how this vulnerability affects our products.

Status

Awaiting Analysis

Affected Products & Versions

Version	PaletteAI	PaletteAI VerteX
0.7.1	⚠️ Impacted	⚠️ Impacted
0.6.6	⚠️ Impacted	⚠️ Impacted
0.5.11	⚠️ Impacted	⚠️ Impacted

Revision History

No revisions available.

CVE Details​

Initial Publication​

Last Update​

Third Party Dependency​

NIST CVE Summary​

CVE Severity​

Our Official Summary​

Status​

Affected Products & Versions​

Revision History​