{"id":"CVE-2021-25743","details":"kubectl does not neutralize escape, meta or control sequences contained in the raw data it outputs to a terminal. This includes but is not limited to the unstructured string fields in objects such as Events.","aliases":["GHSA-f9jg-8p32-2f55","GO-2022-0983"],"modified":"2026-03-23T05:12:51.009586226Z","published":"2022-01-07T00:15:07.817Z","related":["CGA-g2xf-r675-cc5v","SUSE-SU-2024:2858-1","SUSE-SU-2024:2859-1","SUSE-SU-2024:2928-1","SUSE-SU-2024:3341-1","SUSE-SU-2024:3343-1","SUSE-SU-2025:02423-1","SUSE-SU-2025:02423-2","openSUSE-SU-2025:15424-1"],"references":[{"type":"ADVISORY","url":"https://github.com/kubernetes/kubernetes/issues/101695"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20220217-0003/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/kubernetes/kubernetes","events":[{"introduced":"0"},{"last_affected":"a866cbe2e5bbaa01cfd5e969aa3e033f3282a8a2"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.25.0"}]}}],"versions":["v0.10.0","v0.11.0","v0.12.0","v0.13.0","v0.13.1-dev","v0.14.0","v0.14.1","v0.15.0","v0.16.0","v0.16.1","v0.16.2","v0.17.0","v0.17.1","v0.18.0","v0.18.1","v0.18.2","v0.19.0","v0.19.1","v0.19.2","v0.19.3","v0.2","v0.20.0","v0.20.1","v0.20.2","v0.21.0","v0.21.1","v0.21.2","v0.3","v0.4","v0.5","v0.6.0","v0.7.0","v0.8.0","v0.9.0","v1.0.0","v1.1.0-alpha.0","v1.1.0-alpha.1","v1.10.0-alpha.0","v1.10.0-alpha.1","v1.10.0-alpha.2","v1.10.0-alpha.3","v1.11.0-alpha.0","v1.11.0-alpha.1","v1.11.0-alpha.2","v1.12.0-alpha.0","v1.12.0-alpha.1","v1.13.0-alpha.0","v1.13.0-alpha.1","v1.13.0-alpha.2","v1.13.0-alpha.3","v1.14.0-alpha.0","v1.14.0-alpha.1","v1.14.0-alpha.2","v1.14.0-alpha.3","v1.15.0-alpha.0","v1.15.0-alpha.1","v1.15.0-alpha.2","v1.15.0-alpha.3","v1.16.0-alpha.0","v1.16.0-alpha.1","v1.16.0-alpha.2","v1.16.0-alpha.3","v1.17.0-alpha.0","v1.17.0-alpha.1","v1.17.0-alpha.2","v1.17.0-alpha.3","v1.18.0-alpha.0","v1.18.0-alpha.1","v1.18.0-alpha.2","v1.18.0-alpha.4","v1.18.0-alpha.5","v1.19.0-alpha.0","v1.19.0-alpha.1","v1.19.0-alpha.2","v1.19.0-alpha.3","v1.19.0-beta.0","v1.19.0-beta.1","v1.19.0-beta.2","v1.2.0-alpha.1","v1.2.0-alpha.2","v1.2.0-alpha.3","v1.2.0-alpha.4","v1.2.0-alpha.5","v1.2.0-alpha.6","v1.2.0-alpha.7","v1.2.0-alpha.8","v1.20.0-alpha.0","v1.20.0-alpha.1","v1.20.0-alpha.2","v1.20.0-alpha.3","v1.20.0-beta.0","v1.20.0-beta.1","v1.20.0-beta.2","v1.21.0-alpha.0","v1.21.0-alpha.1","v1.21.0-alpha.2","v1.21.0-alpha.3","v1.21.0-beta.0","v1.21.0-beta.1","v1.22.0-alpha.0","v1.22.0-alpha.1","v1.22.0-alpha.2","v1.22.0-alpha.3","v1.22.0-beta.0","v1.22.0-beta.1","v1.22.0-beta.2","v1.23.0-alpha.0","v1.23.0-alpha.1","v1.23.0-alpha.2","v1.23.0-alpha.3","v1.23.0-alpha.4","v1.23.0-beta.0","v1.24.0-alpha.0","v1.24.0-alpha.1","v1.24.0-alpha.2","v1.24.0-alpha.3","v1.24.0-alpha.4","v1.24.0-beta.0","v1.25.0","v1.25.0-alpha.0","v1.25.0-alpha.1","v1.25.0-alpha.2","v1.25.0-alpha.3","v1.25.0-beta.0","v1.25.0-rc.0","v1.25.0-rc.1","v1.26.0-alpha.0","v1.3.0-alpha.0","v1.3.0-alpha.1","v1.3.0-alpha.2","v1.3.0-alpha.3","v1.3.0-alpha.4","v1.3.0-alpha.5","v1.4.0-alpha.0","v1.4.0-alpha.1","v1.4.0-alpha.2","v1.4.0-alpha.3","v1.5.0-alpha.0","v1.5.0-alpha.1","v1.5.0-alpha.2","v1.6.0-alpha.0","v1.6.0-alpha.1","v1.6.0-alpha.2","v1.6.0-alpha.3","v1.7.0-alpha.0","v1.7.0-alpha.1","v1.7.0-alpha.2","v1.7.0-alpha.3","v1.7.0-alpha.4","v1.8.0-alpha.0","v1.8.0-alpha.1","v1.8.0-alpha.2","v1.8.0-alpha.3","v1.9.0-alpha.0","v1.9.0-alpha.1","v1.9.0-alpha.2","v1.9.0-alpha.3"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"1.26.0-alpha0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.26.0-alpha1"}]},{"events":[{"introduced":"0"},{"last_affected":"1.26.0-alpha2"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-25743.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N"}]}