Lucene search
GoogleOSV:GHSA-J28R-J54M-GPC4HistoryOct 05, 2021 - 5:53 p.m.
Code Injection in SLO Generator
2021-10-0517:53:59
Google
osv.dev
20
code injection
yaml files
slo generator upgrade
EPSS
0.001
Percentile
30.7%
SLO generator allows for loading of YAML files that if crafted in a specific format can allow for code execution within the context of the SLO Generator. We recommend upgrading SLO Generator past https://github.com/google/slo-generator/pull/173
References
://github.com/google/slo-generator
packetstormsecurity.com/files/164426/Google-SLO-Generator-2.0.0-Code-Execution.html
github.com/google/slo-generator/commit/36318beab1b85d14bb860e45bea186b184690d5d
github.com/google/slo-generator/pull/173
github.com/google/slo-generator/releases/tag/v2.0.1
nvd.nist.gov/vuln/detail/CVE-2021-22557
Related
cvelist
cvelist
CVE-2021-22557 Code execution in SLO Generator via YAML Payload
2021-10-04 10:10:10
osv
osv
CVE-2021-22557
2021-10-04 10:15:07
PYSEC-2021-429
2021-10-04 10:15:00
github
github
Code Injection in SLO Generator
2021-10-05 17:53:59
nvd
nvd
CVE-2021-22557
2021-10-04 10:15:07
packetstorm
packetstorm
Google SLO-Generator 2.0.0 Code Execution
2021-10-07 00:00:00
cve
cve
CVE-2021-22557
2021-10-04 10:15:07
exploitdb
exploitdb
Google SLO-Generator 2.0.0 - Code Execution
2021-10-07 00:00:00
prion
prion
Code injection
2021-10-04 10:15:00
zdt
zdt
Google SLO-Generator 2.0.0 - Code Execution Vulnerability
2021-10-07 00:00:00