CVE-2021-3040

An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.139. Checkov 1.0 versions are not impacted.
References
Configurations

Configuration 1

cpe:2.3:a:paloaltonetworks:bridgecrew_checkov:*:*:*:*:*:*:*:*

Information

Published : 2021-06-10 01:15

Updated : 2021-06-21 07:15


NVD link : CVE-2021-3040

Mitre link : CVE-2021-3040

CWE
CWE-502

Deserialization of Untrusted Data