87 matches found
Deserialization of untrusted data
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted...
CVE-2021-3035
Bridgecrew Checkov (CVE-2021-3035) is affected by an unsafe deserialization vulnerability that enables arbitrary code execution when processing a malicious Terraform file. The issue impacts Checkov 2.0 releases earlier than 2.0.26; Checkov 1.0 is not affected. Root cause is unsafe/deserialization...
CVE-2021-3035 Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted...
PT-2021-18716
Name of the Vulnerable Software and Affected Versions Checkov versions prior to 2.0.26 Description An unsafe deserialization issue allows arbitrary code execution when processing a malicious terraform file. Recommendations For versions prior to 2.0.26, update to version 2.0.26 or later to resolve...
Bridgecrew Checkov Has a Remote Code Execution Vulnerability
checkov a software application. Static code analysis tool for infrastructure i.e. code. Bridgecrew Checkov suffers from a remote code execution vulnerability that can be exploited by an attacker to execute arbitrary code while processing a malicious terraform file...
Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted. Work around: Do not run Checkov on...
Bridgecrew Checkov 代码问题漏洞
checkov a software application. Static code analysis tool for infrastructure i.e. code. Bridgecrew Checkov suffers from a remote code execution vulnerability that can be exploited by an attacker to execute arbitrary code while processing a malicious terraform file...