String of defects in popular Kubernetes component puts 40% of cloud environments at risk | CyberScoop<\/title> <meta name=\"description\" content=\"Researchers aren\u2019t aware of active exploitation in the wild, but they warn the risk for publicly exposed and unpatched Ingress Nginx controllers is extremely high.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/kubernetes-nginx-controller-defects-wiz\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"String of defects in popular Kubernetes component puts 40% of cloud environments at risk\"> <meta property=\"og:description\" content=\"Researchers aren\u2019t aware of active exploitation in the wild, but they warn the risk for publicly exposed and unpatched Ingress Nginx controllers is extremely high.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/kubernetes-nginx-controller-defects-wiz\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2025-03-26T16:19:50+00:00\"> <meta property=\"article:modified_time\" content=\"2025-03-26T16:19:53+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/string-of-defects-in-popular-kubernetes-component-puts-40-of-cloud-environments-at-risk-2.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1280\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Matt Kapko\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@CyberScoopNews\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1742994400g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1742838279g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1740691656g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=a815169637cf454b7376\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/83995\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.7.2\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=83995\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fkubernetes-nginx-controller-defects-wiz%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fkubernetes-nginx-controller-defects-wiz%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-83995 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/kubernetes-nginx-controller-defects-wiz\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--event js-stickybar\">\n<div class=\"stickybar__details\" readability=\"5.12\">\n<div class=\"stickybar__info js-sticky-bar-content\" readability=\"32\">\n<p>Nominations can be submitted for the 2025 CyberScoop 50 awards!<\/p>\n<\/div>\n<p> <a class=\"stickybar__link button button-tertiary\" href=\"https:\/\/cyberscoop.com\/cyberscoop50\/\">Click here!<\/a> <\/div>\n<p> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"26.047717842324\">\n<div class=\"single-article__header-content\" readability=\"35.586516853933\">\n<p> Researchers aren\u2019t aware of active exploitation in the wild, but they warn the risk for publicly exposed and unpatched Ingress Nginx controllers is extremely high. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/83995\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/string-of-defects-in-popular-kubernetes-component-puts-40-of-cloud-environments-at-risk.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/string-of-defects-in-popular-kubernetes-component-puts-40-of-cloud-environments-at-risk-2.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/string-of-defects-in-popular-kubernetes-component-puts-40-of-cloud-environments-at-risk-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/string-of-defects-in-popular-kubernetes-component-puts-40-of-cloud-environments-at-risk-2.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/string-of-defects-in-popular-kubernetes-component-puts-40-of-cloud-environments-at-risk-2.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/string-of-defects-in-popular-kubernetes-component-puts-40-of-cloud-environments-at-risk-2.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/string-of-defects-in-popular-kubernetes-component-puts-40-of-cloud-environments-at-risk-2.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/string-of-defects-in-popular-kubernetes-component-puts-40-of-cloud-environments-at-risk-2.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/string-of-defects-in-popular-kubernetes-component-puts-40-of-cloud-environments-at-risk-2.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/string-of-defects-in-popular-kubernetes-component-puts-40-of-cloud-environments-at-risk-2.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/string-of-defects-in-popular-kubernetes-component-puts-40-of-cloud-environments-at-risk-2.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> Andriy Onufriyenko, via Getty Images <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"43.212225625319\"><body readability=\"87.600347523892\"><\/p>\n<p>More than 40% of cloud environments are at risk of an account takeover due to a series of five recently discovered vulnerabilities \u2014 one regarded critical \u2014 in the Ingress Ngnix Controller for Kubernetes, according to security research published this week.<\/p>\n<p>Upon discovering the string of vulnerabilities in one of most widely used ingress controllers for Kubernetes, Wiz researchers described the potential risk as an \u201cIngressNightmare\u201d in a <a href=\"https:\/\/www.wiz.io\/blog\/ingress-nginx-kubernetes-vulnerabilities\">blog post<\/a> Monday. The most serious defect, an unauthenticated remote code execution vulnerability tracked as <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-1974\">CVE-2025-1974<\/a>, has a CVSS score of 9.8.<\/p>\n<p>Security researchers told CyberScoop they aren\u2019t aware of any active exploitation, but the risk for publicly exposed and unpatched Ingress Nginx controllers is extremely high. <\/p>\n<p>\u201cThe exploit chain is unauthenticated and a target is vulnerable in a default configuration,\u201d Stephen Fewer, principal security researcher at Rapid7, said in an email. \u201cWith exploit code for CVE-2025-1974 starting to be published online, Kubernetes administrators should remediate publicly-exposed instances on an urgent basis.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Ingress Nginx maintainers <a href=\"https:\/\/github.com\/kubernetes\/ingress-nginx\/releases\">released patches<\/a> for <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-1097\">CVE-2025-1097<\/a>, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-1098\">CVE-2025-1098<\/a>, CVE-2025-1974, <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-24513\">CVE-2025-24513<\/a> and <a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2025-24514\">CVE-2025-24514<\/a> on Monday. Wiz reported CVE-2025-1974 and CVE-2025-24514 to Kubernetes on Dec. 31, 2024. <\/p>\n<p>Attackers can exploit CVE-2025-1974 and achieve unauthenticated remote code execution by chaining it to one of three high-severity configuration injection vulnerabilities: CVE-2025-1097, CVE-2025-1098 or CVE-2025-24514.<\/p>\n<p>Successful exploitation could allow attackers to access cluster-wide secrets, including passwords or tokens, or completely take over a cluster, Fewer said. <\/p>\n<p>Researchers are especially concerned about the potential risk of exploitation because Ingress Nginx Controller is so widely used across Kubernetes environments. <\/p>\n<p>The open-source tool is deployed in more than 2 in 5 Kubernetes clusters, according to Tabitha Sable, co-chair of SIG Security and member of the Kubernetes Security Response Committee. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cWhen combined with today\u2019s other vulnerabilities, CVE-2025-1974 means that anything on the pod network has a good chance of taking over your Kubernetes cluster, with no credentials or administrative access required,\u201d Sable said in a <a href=\"https:\/\/kubernetes.io\/blog\/2025\/03\/24\/ingress-nginx-cve-2025-1974\/\">blog post<\/a> Monday.<\/p>\n<p>The pod network is typically accessible to all workloads in a virtual private cloud and anyone connected to the corporate network, Sable added. \u201cThis is a very serious situation.\u201d<\/p>\n<p>Wiz researchers said about 43% of cloud environments, spanning more than 6,500 Kubernetes clusters, including some used by Fortune 500 companies, were potentially at risk of exploitation Monday. Censys scans found <a href=\"https:\/\/censys.com\/ingress-nightmare\/\">about 5,000 publicly exposed<\/a> and potentially vulnerable hosts Tuesday.<\/p>\n<p>Several public proof-of-concept exploit scripts for the vulnerabilities have appeared online, Fewer said. <\/p>\n<p>\u201cDue to the root cause of the vulnerabilities being logic-based issues, these vulnerabilities are both relatively simple to exploit, and exploitation is expected to be reliable,\u201d Fewer said. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cAn attacker must first identify an accessible and vulnerable Ingress Nginx controller in a target Kubernetes cluster, along with the admission controller service belonging to that Ingress controller,\u201d he added. \u201cOnce a viable target has been identified, the difficulty in exploiting the target will be low.\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"3.8405172413793\">\n<div class=\"author-card\" readability=\"14\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/string-of-defects-in-popular-kubernetes-component-puts-40-of-cloud-environments-at-risk-1.jpg?w=640&ssl=1\" alt=\"Matt Kapko\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Matt Kapko<\/h4>\n<p> Matt Kapko is a reporter at CyberScoop. His beat includes cybercrime, ransomware, software defects and vulnerability (mis)management. The lifelong Californian started his journalism career in 2001 with previous stops at Cybersecurity Dive, CIO, SDxCentral and RCR Wireless News. Matt has a degree in journalism and history from Humboldt State University. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/kubernetes-nginx-controller-defects-wiz\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>String of defects in popular Kubernetes component puts 40% of<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[45,78,2076,3991,1073,3288,256,288],"tags":[53,86,2079,3992,1076,3290,262,294],"class_list":["post-7477","post","type-post","status-publish","format-standard","hentry","category-cloud-security","category-cybersecurity","category-kubernetes","category-nginx","category-open-source","category-open-source-software","category-research","category-threats","tag-cloud-security","tag-cybersecurity","tag-kubernetes","tag-nginx","tag-open-source","tag-open-source-software","tag-research","tag-threats"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cloud-security\/\" rel=\"category tag\">Cloud security<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/kubernetes\/\" rel=\"category tag\">Kubernetes<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/nginx\/\" rel=\"category tag\">Nginx<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/open-source\/\" rel=\"category tag\">open source<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/open-source-software\/\" rel=\"category tag\">open source software<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/research\/\" rel=\"category tag\">Research<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a>","tag_info":"Threats","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7477","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=7477"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7477\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=7477"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=7477"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=7477"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":7477,"date":"2025-03-26T11:19:50","date_gmt":"2025-03-26T16:19:50","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=83995"},"modified":"2025-03-26T11:19:50","modified_gmt":"2025-03-26T16:19:50","slug":"string-of-defects-in-popular-kubernetes-component-puts-40-of-cloud-environments-at-risk","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2025\/03\/26\/string-of-defects-in-popular-kubernetes-component-puts-40-of-cloud-environments-at-risk\/","title":{"rendered":"String of defects in popular Kubernetes component puts 40% of cloud environments at risk"},"content":{"rendered":"