Google · Slo Generator · CVE-2021-22557
**Name of the Vulnerable Software and Affected Versions**
SLO Generator versions prior to the version including https://github.com/google/slo-generator/pull/173
**Description**
The SLO generator has an issue where it allows for the loading of YAML files. If these files are crafted in a specific format, they can enable code execution within the context of the SLO Generator.
**Recommendations**
Upgrade SLO Generator past the version including https://github.com/google/slo-generator/pull/173. As a temporary workaround, consider restricting the loading of YAML files or ensuring they are thoroughly validated before use to minimize the risk of exploitation.