VYPR
Low severityNVD Advisory· Published Jan 7, 2022· Updated Sep 16, 2024

ANSI escape characters in kubectl output are not being filtered

CVE-2021-25743

Description

kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
k8s.io/kubernetesGo
< 1.26.0-alpha.31.26.0-alpha.3

Affected products

95

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.