← volver
CVE-2021-25743

ANSI escape characters in kubectl output are not being filtered

CVSS 3 LOWEPSS 0.8%CWE-150
kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events.
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N
Productos afectados
Kubernetes · Kubernetes

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/kubernetes/kubernetes/issues/101695https://security.netapp.com/advisory/ntap-20220217-0003/