Описание
kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Advanced Cluster Management for Kubernetes 2 | rhacm2/agent-service-rhel8 | Fix deferred | ||
| Red Hat Ansible Automation Platform 1.2 | kubernetes | Affected | ||
| Red Hat Ansible Tower 3 | kubernetes | Affected | ||
| Red Hat OpenShift Container Platform 3.11 | atomic-openshift | Fix deferred | ||
| Red Hat OpenShift Container Platform 4 | openshift | Fix deferred | ||
| Red Hat OpenShift Container Platform 4 | openshift-clients | Affected |
Показывать по
10
Дополнительная информация
Статус:
Low
Дефект:
CWE-20
Дефект:
CWE-78
https://bugzilla.redhat.com/show_bug.cgi?id=2042418kubernetes: kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal
EPSS
Процентиль: 57%
0.00353
Низкий
3 Low
CVSS3
Связанные уязвимости
CVSS3: 3
ubuntu
почти 4 года назад
kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events.
CVSS3: 3
nvd
почти 4 года назад
kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events.
CVSS3: 3
debian
почти 4 года назад
kubectl does not neutralize escape, meta or control sequences containe ...
EPSS
Процентиль: 57%
0.00353
Низкий
3 Low
CVSS3