An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.139. Checkov 1.0 versions are not impacted.
CPE | Name | Operator | Version |
---|---|---|---|
bridgecrew_checkov | ge | 2.0.0 | |
bridgecrew_checkov | lt | 2.0.139 |