Lucene search
K

87 matches found

Prion
Prion
added 2021/04/20 4:15 a.m.20 views

Deserialization of untrusted data

An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted...

6.5CVSS7.2AI score0.01295EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2021/04/20 3:15 a.m.90 views

CVE-2021-3035

Bridgecrew Checkov (CVE-2021-3035) is affected by an unsafe deserialization vulnerability that enables arbitrary code execution when processing a malicious Terraform file. The issue impacts Checkov 2.0 releases earlier than 2.0.26; Checkov 1.0 is not affected. Root cause is unsafe/deserialization...

7.2CVSS7.1AI score0.01295EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/04/20 3:15 a.m.30 views

CVE-2021-3035 Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution

An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted...

6.7CVSS7.5AI score0.01295EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/04/20 12:0 a.m.10 views

PT-2021-18716

Name of the Vulnerable Software and Affected Versions Checkov versions prior to 2.0.26 Description An unsafe deserialization issue allows arbitrary code execution when processing a malicious terraform file. Recommendations For versions prior to 2.0.26, update to version 2.0.26 or later to resolve...

7.2CVSS6.3AI score0.01295EPSS
Exploits0References4
CNVD
CNVD
added 2021/04/19 12:0 a.m.9 views

Bridgecrew Checkov Has a Remote Code Execution Vulnerability

checkov a software application. Static code analysis tool for infrastructure i.e. code. Bridgecrew Checkov suffers from a remote code execution vulnerability that can be exploited by an attacker to execute arbitrary code while processing a malicious terraform file...

7.2CVSS8.2AI score0.01295EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2021/04/14 4:0 p.m.55 views

Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution

An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted. Work around: Do not run Checkov on...

7.2CVSS6AI score0.01295EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/04/14 12:0 a.m.5 views

Bridgecrew Checkov 代码问题漏洞

checkov a software application. Static code analysis tool for infrastructure i.e. code. Bridgecrew Checkov suffers from a remote code execution vulnerability that can be exploited by an attacker to execute arbitrary code while processing a malicious terraform file...

7.2CVSS6.9AI score0.01295EPSS
Exploits0References4
Rows per page
Query Builder