- Description
- kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events.
- Source
- jordan@liggitt.net
- NVD status
- Analyzed
- Products
- kubernetes
CVSS 3.1
- Type
- Primary
- Base score
- 3
- Impact score
- 1.4
- Exploitability score
- 1.3
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N
- Severity
- LOW
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:N/AC:H/Au:S/C:N/I:P/A:N
- jordan@liggitt.net
- CWE-150
- nvd@nist.gov
- NVD-CWE-Other
- Hype score
- Not currently trending
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F8AC6E5-6AF8-4881-A2F6-65BD2FC6D58A",
"versionEndIncluding": "1.25.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.26.0:alpha0:*:*:*:*:*:*",
"matchCriteriaId": "A624A6DA-8037-474D-B2AB-9CFC8B0528F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.26.0:alpha1:*:*:*:*:*:*",
"matchCriteriaId": "13839708-E353-4757-9638-90CFE181B8B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.26.0:alpha2:*:*:*:*:*:*",
"matchCriteriaId": "2B7CC489-4E29-46BA-9BB9-C30F0E512DDF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]