CVE-2025-48056: Character injection in Hubble CLI

May 21, 2025

A network attacker could inject malicious control characters into Hubble CLI terminal output, potentially leading to loss of integrity and manipulation of the output. This could be leveraged to conceal log entries, rewrite output, or even make the terminal temporarily unusable. Exploitation of this attack would require the victim to be monitoring Kafka traffic using Layer 7 Protocol Visibility at the time of the attack.

References

github.com/advisories/GHSA-274q-79q9-52j7
github.com/cilium/cilium/pull/37401
github.com/cilium/hubble
github.com/cilium/hubble/security/advisories/GHSA-274q-79q9-52j7
nvd.nist.gov/vuln/detail/CVE-2025-48056

Code Behaviors & Features

Detect and mitigate CVE-2025-48056 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →