CVE-2021-25743
Description
kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events.
Risk Information
Base Score
3.0
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N
EPSS Score
Exploitation Probability
0.279
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| SUSE-SU-2024:2858-1(Containers Module 15-SP5 ) kubernetes1.23-client-1.23.17-150500.3.15.1.x86_64.rpm | Linux |
| SUSE-SU-2024:2858-1(Containers Module 15-SP5 ) kubernetes1.23-client-common-1.23.17-150500.3.15.1.x86_64.rpm | Linux |
| SUSE-SU-2024:2859-1(Containers Module 15-SP5 ) kubernetes1.24-client-1.24.17-150500.3.19.1.x86_64.rpm | Linux |
| SUSE-SU-2024:2859-1(Containers Module 15-SP5 ) kubernetes1.24-client-common-1.24.17-150500.3.19.1.x86_64.rpm | Linux |
| SUSE-SU-2024:2928-1(Containers Module 15-SP6 ) kubernetes1.25-client-common-1.25.16-150400.9.10.1.x86_64.rpm | Linux |
| SUSE-SU-2024:2928-1(Containers Module 15-SP5 ) kubernetes1.25-client-common-1.25.16-150400.9.10.1.x86_64.rpm | Linux |
| SUSE-SU-2024:2928-1(Containers Module 15-SP6 ) kubernetes1.25-client-1.25.16-150400.9.10.1.x86_64.rpm | Linux |
| SUSE-SU-2024:2928-1(Containers Module 15-SP5 ) kubernetes1.25-client-1.25.16-150400.9.10.1.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234