CVE-2021-3040

2021-06-1013:15:08

Google

osv.dev

7.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.3%

JSON

An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.139. Checkov 1.0 versions are not impacted.

CPENameOperatorVersion
checkoveq2.0.126
checkoveq2.0.100
checkoveq2.0.137
checkoveq2.0.76
checkoveq2.0.29
checkoveq2.0.26
checkoveq2.0.119
checkoveq2.0.109
checkoveq2.0.99
checkoveq2.0.34

Name	Operator	Version
checkov	eq	2.0.126
checkov	eq	2.0.100
checkov	eq	2.0.137
checkov	eq	2.0.76
checkov	eq	2.0.29
checkov	eq	2.0.26
checkov	eq	2.0.119
checkov	eq	2.0.109
checkov	eq	2.0.99
checkov	eq	2.0.34