How severe is CVE-2025-48056?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2025-48056?

This is classified as CWE-74, which is a common weakness in software security.

CVE-2025-48056 - MEDIUM Severity | CVSS 5.3

Vulnerability Description

Hubble is a fully distributed networking and security observability platform for cloud native workloads. Prior to version 1.17.2, a network attacker could inject malicious control characters into Hubble CLI terminal output, potentially leading to loss of integrity and manipulation of the output. This could be leveraged to conceal log entries, rewrite output, or even make the terminal temporarily unusable. Exploitation of this attack would require the victim to be monitoring Kafka traffic using Layer 7 Protocol Visibility at the time of the attack. The issue is patched in Hubble CLI v1.17.2. Hubble CLI users who are unable to upgrade can direct their Hubble flows to a log file and inspect the output within a text editor.

Related Vulnerabilities

CVE-2010-4658

MEDIUM

CVSS:5.3(Medium)

statusnet through 2010 allows attackers to spoof syslog messages via newline injection attacks.

CWE-742010

CVE-2011-3624

MEDIUM

CVSS:5.3(Medium)

Various methods in WEBrick::HTTPRequest in Ruby 1.9.2 and 1.8.7 and earlier do not validate the X-Forwarded-For, X-Forwarded-Host and X-Forwarded-Server headers in requests, which might allow remote a...

CWE-742011

CVE-2013-4578

MEDIUM

CVSS:5.3(Medium)

jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper fil...

CWE-742013

CVE-2013-7324

MEDIUM

CVSS:5.3(Medium)

Webkit-GTK 2.x (any version with HTML5 audio/video support based on GStreamer) allows remote attackers to trigger unexpectedly high sound volume via malicious javascript. NOTE: this WebKit-GTK behavio...

CWE-742013

CVE-2016-11068

MEDIUM

CVSS:5.3(Medium)

An issue was discovered in Mattermost Server before 3.2.0. Attackers could read LDAP fields via injection.

CWE-742016

CVE-2017-7848

MEDIUM

CVSS:5.3(Medium)

RSS fields can inject new lines into the created email structure, modifying the message body. This vulnerability affects Thunderbird < 52.5.2.

CWE-742017