PT-2022-9681 · Kubernetes+4 · Kubernetes+5

Eviatar Gerzi

Published

2020-07-03

Updated

2025-10-08

CVE-2021-25743

CVSS v3.1

3.0

Low

Vector

AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions kubernetes (affected versions not specified)

Description The issue is related to the handling of raw data output to a terminal by kubectl. Specifically, it does not neutralize escape, meta, or control sequences contained in this data. This affects unstructured string fields in objects such as Events.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-150CWE-20

Related Identifiers

ALT-PU-2020-2299

ALT-PU-2020-2338

BDU:2025-12934

CVE-2021-25743

GHSA-F9JG-8P32-2F55

GO-2022-0983

OESA-2022-2132

OESA-2023-1020

OPENSUSE-SU-2024_3341-1

OPENSUSE-SU-2024_3343-1

OPENSUSE-SU-2025:15424-1

SUSE-SU-2024:2858-1

SUSE-SU-2024:2859-1

SUSE-SU-2024:2928-1

SUSE-SU-2024:3341-1

SUSE-SU-2024:3343-1

SUSE-SU-2024_2858-1

SUSE-SU-2024_2859-1

SUSE-SU-2024_2928-1

SUSE-SU-2025:02423-1

SUSE-SU-2025:02423-2

SUSE-SU-2025_02423-2

Affected Products

Alt Linux

Debian

Red Os

Suse

Kubectl

Kubernetes

PT-2022-9681 · Kubernetes+4 · Kubernetes+5

CVE-2021-25743

Weakness Enumeration

Related Identifiers

Affected Products

References · 108