CVE-2021-3035

An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted.
References
Configurations

Configuration 1

cpe:2.3:a:paloaltonetworks:bridgecrew_checkov:*:*:*:*:*:*:*:*

Information

Published : 2021-04-20 04:15

Updated : 2021-10-18 12:14


NVD link : CVE-2021-3035

Mitre link : CVE-2021-3035

CWE
CWE-502

Deserialization of Untrusted Data