24 matches found
BIT-CHECKOV-2021-3040 Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.139. Checkov 1.0 versions are not impacted...
BIT-CHECKOV-2021-3035 Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted...
EUVD-2021-26387
Malware in sbrugna...
EUVD-2021-26392
Malware in sbrugna...
bridgecrew (>=3.0.0 <=3.2.414), codesecure-core (>=1.0.0b10 <=1.0.29) +3 more potentially affected by CVE-2025-2180 via checkov (>=3.0.0 <=3.2.414)
checkov PYPI version =3.0.0, =3.0.0, =1.0.0b10, =0.2.0, =1.0.0, =1.0.56 Source cves: CVE-2025-2180 Source advisory: SNYK:PYTHON-CHECKOV-11800950...
awslabs-ccapi-mcp-server (>=1.0.1 <=1.0.18), bridgecrew (>=3.2.415 <=3.2.477) +10 more potentially affected by unknown CVE via asteval (=1.0.5)
asteval PYPI version =1.0.5 is affected by a known vulnerability. The following packages have a transitive dependency on asteval and may be impacted: - awslabs-ccapi-mcp-server =1.0.1, =3.2.415, =3.2.415, =0.1.130, =6.0.0, =5.8.0, =5.8.0, =0.0.8, =0.1.0, =0.14.3 Source cves: unknown CVE Source...
Checkov - Prevent Cloud Misconfigurations During Build-Time For Terraform, CloudFormation, Kubernetes, Serverless Framework And Other Infrastructure-As-Code-Languages
Checkov is a static code analysis tool for infrastructure-as-code. It scans cloud infrastructure provisioned using Terraform, Terraform plan, Cloudformation, AWS SAM, Kubernetes, Dockerfile, Serverless or ARM Templates and detects securi ty and compliance misconfigurations using graph-based...
TerraGoat - Vulnerable Terraform Infrastructure
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. Introduction TerraGoat was built to enable DevSecOps design and implement a...
CVE-2021-3040
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.139. Checkov 1.0 versions are not impacted...
CVE-2021-3040
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.139. Checkov 1.0 versions are not impacted...
Deserialization of untrusted data
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.139. Checkov 1.0 versions are not impacted...
CVE-2021-3040
Summary: CVE-2021-3040 describes an unsafe deserialization vulnerability in Bridgecrew Checkov (Prisma Cloud) that enables arbitrary code execution when processing a malicious Terraform file. The issue affects Checkov 2.0 versions earlier than 2.0.139; Checkov 1.0 is not affected. Affected softwa...
CVE-2021-3040 Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.139. Checkov 1.0 versions are not impacted...
PT-2021-18726
Name of the Vulnerable Software and Affected Versions Checkov versions 2.0.0 through 2.0.138 Description An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. Recommendations For Checkov versions...
Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.139. Checkov 1.0 versions are not impacted. Work around: Do not run Checkov on...
Bridgecrew Checkov 代码问题漏洞
Bridgecrew Checkov is an open source application. Static code analysis tool for infrastructure-as-code. Bridgecrew Checkov suffers from a code issue vulnerability that stems from insecure input validation when processing serialized data, which could allow a remote user to pass specially designed...
CVE-2021-3035
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted...
CVE-2021-3035
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted...
Deserialization of untrusted data
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted...
CVE-2021-3035
Bridgecrew Checkov (CVE-2021-3035) is affected by an unsafe deserialization vulnerability that enables arbitrary code execution when processing a malicious Terraform file. The issue impacts Checkov 2.0 releases earlier than 2.0.26; Checkov 1.0 is not affected. Root cause is unsafe/deserialization...