Code Injection in SLO Generator
Moderate severity
GitHub Reviewed
Published
Oct 5, 2021
to the GitHub Advisory Database
•
Updated Apr 6, 2023
Description
Published by the National Vulnerability Database
Oct 4, 2021
Reviewed
Oct 5, 2021
Published to the GitHub Advisory Database
Oct 5, 2021
Last updated
Apr 6, 2023
SLO generator allows for loading of YAML files that if crafted in a specific format can allow for code execution within the context of the SLO Generator. We recommend upgrading SLO Generator past google/slo-generator#173
References