-
Notifications
You must be signed in to change notification settings - Fork 38.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ANSI escape characters in kubectl output annotation are not being filtered - #107617
Comments
/sig api-machinery |
1.18 is out of support. is this reproducible with >= 1.20? /sig cli |
yes, the same in v1.22.2 |
I think we only need a single issue to track this. |
/close |
@liggitt: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/triage duplicate |
/triage accepted |
What happened?
The same phenomenon with #101695 ,but in pod and node annotation.
What did you expect to happen?
The ANSI escape characters will be filtered so they couldn't affect the terminal (i.e. using embeded ANSI colors won't do anything to the terminal).
How can we reproduce it (as minimally and precisely as possible)?
run this :
![1-pod](https://user-images.githubusercontent.com/7522079/149913304-f8faf38b-f03f-4909-8f53-984f5c18656e.png)
![Uploading 2-describe.png…]()
pod:
describe the pod:
Anything else we need to know?
ANSI escape characters were used to abuse terminals emulators and even cause code execution if the terminal is vulnerable(like CVE-2021-25743)
Kubernetes version
Cloud provider
OS version
Install tools
Container runtime (CRI) and and version (if applicable)
Related plugins (CNI, CSI, ...) and versions (if applicable)
The text was updated successfully, but these errors were encountered: