An improper input validation vulnerability exists in Kubernetes. In Kubernetes and the OpenShift Container Platform, terminal escape sequence characters are not sanitized in various object-free text fields. This flaw allows an authenticated user to include escape sequence characters in free text fields that are later displayed by the `kubectl` or `oc` binaries. This issue allows spoofing and obscuring `kubectl` output.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kubernetes kubernetes |