https://github.com/kubernetes/kubernetes/issues/131009 TL;DR if you're running NGINX Ingress controller, upgrade to 1.11.5 or 1.12.1 to mitigate a vulnerability that allows RCE when an attacker is in the Pod network.