Lucene search
GoogleCVELIST:CVE-2021-22557HistoryOct 04, 2021 - 10:10 a.m.
CVE-2021-22557 Code execution in SLO Generator via YAML Payload
2021-10-0410:10:10
CWE-94
Google
www.cve.org
7
cve-2021-22557
slo generator
yaml payload
code execution
CVSS3
5.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
EPSS
0.001
Percentile
30.7%
SLO generator allows for loading of YAML files that if crafted in a specific format can allow for code execution within the context of the SLO Generator. We recommend upgrading SLO Generator past https://github.com/google/slo-generator/pull/173
CNA Affected
[
{
"product": "SLO Generator",
"vendor": "Google LLC",
"versions": [
{
"lessThanOrEqual": "2.0.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
osv
osv
CVE-2021-22557
2021-10-04 10:15:07
Code Injection in SLO Generator
2021-10-05 17:53:59
PYSEC-2021-429
2021-10-04 10:15:00
github
github
Code Injection in SLO Generator
2021-10-05 17:53:59
nvd
nvd
CVE-2021-22557
2021-10-04 10:15:07
packetstorm
packetstorm
Google SLO-Generator 2.0.0 Code Execution
2021-10-07 00:00:00
cve
cve
CVE-2021-22557
2021-10-04 10:15:07
exploitdb
exploitdb
Google SLO-Generator 2.0.0 - Code Execution
2021-10-07 00:00:00
prion
prion
Code injection
2021-10-04 10:15:00
zdt
zdt
Google SLO-Generator 2.0.0 - Code Execution Vulnerability
2021-10-07 00:00:00
CVSS3
5.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
EPSS
0.001
Percentile
30.7%
Related for CVELIST:CVE-2021-22557