Managing the Nginx security vulnerability, Demo day, maintenance in audit

Hello Team,

Check out this week’s changelog for exciting updates and enhancements from our team! 🚀

#Managing a critical security vulnerability in ingress-nginx

On March 24, 2025, the Kubernetes Security Team disclosed several critical vulnerabilities in ingress-nginx, including CVE-2025-1974 (rated 9.8 CVSS). This vulnerability could allow unauthorized attackers to take full control of Kubernetes clusters.

⚡ Our Immediate Response

We acted swiftly to protect your infrastructure:

9:00 AM → Patched ingress-nginx with the latest security fixes.

10:00 AM → Verified the patch in our test environments.

11:00 AM → Rolled out the fix across all managed clusters:

--> 12:20 PM → Non-production clusters updated.

--> 2:20 PM → Production clusters updated.

March 25, 2025 → Full remediation completed.

🔍 What You Need to Do

• If you manage your own clusters (self-managed cluster), update ingress-nginx to v1.12.1/v1.11.5 or later ASAP.
• Review your cluster logs for any unusual activity in the past few days.
• Check out the official Kubernetes security advisory for more details.

We have created a dedicated post here.

We take security seriously and will continue monitoring for any further risks. If you have questions, reach out to us! 🚀

#Demo days!

Demo days are back! This is the best way for us to showcase what we have recently released on our product.

For this demo day, our CEO Romaric will do a live "no blabla" demo to introduce you to the latest features like: Karpenter, new log view, debug pods, etc..

👉 Register yourself here

#Maintenance events in the audit logs

We are regularly updating your cluster with the latest Qovery version, and to ensure you clearly see when an update has been triggered, we have introduced a new audit event called "Maintenance".

To see any event happening on your cluster, you can:

• Open your cluster settings
• select the "See audit logs" view from the dropdown menu (or go directly in the audit log section and filter the content from there)

#Minor Changes:

• Fix version in deployment history: we have fixed the deployment column in the deployment history page. It now correctly shows the version in case you are deploying container images.
• Id displayed for repository/registry/token: when opening a container registry, a helm repository or a git token, you can now get the internal ID assigned by Qovery to that object. This is helpful whenever you need to use that object within the Qovery Terraform Provider.

For the latest news and upcoming features, remember to check out changelog.qovery.com.

As always, we appreciate your feedback and support.

Happy Deploying!

The Qovery Team 🚀