SLO generator allows for loading of YAML files that if crafted in a specific format can allow for code execution within the context of the SLO Generator. We recommend upgrading SLO Generator past https://github.com/google/slo-generator/pull/173
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/164426/Google-SLO-Generator-2.0.0-Code-Execution.html | Exploit Third Party Advisory VDB Entry |
https://github.com/google/slo-generator/pull/173 | Exploit Patch Third Party Advisory |
Configurations
History
No history.
Information
Published : 2021-10-04 10:15
Updated : 2022-10-25 16:18
NVD link : CVE-2021-22557
Mitre link : CVE-2021-22557
CVE.ORG link : CVE-2021-22557
JSON object : View
Products Affected
- slo_generator