8 matches found
BIT-CHECKOV-2021-3040 Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.139. Checkov 1.0 versions are not impacted...
EUVD-2021-26387
Malware in sbrugna...
Deserialization of Untrusted Data
Overview checkov is an Infrastructure as code static analysis Affected versions of this package are vulnerable to Deserialization of Untrusted Data via use of eval. An attacker can execute arbitrary code by submitting a specially crafted Terraform file for analysis. This is only exploitable if th...
CVE-2025-2180 Checkov by Prisma Cloud: Unsafe Deserialization of Terraform Files Allows Code Execution
An unsafe deserialization vulnerability in Palo Alto Networks Checkov by Prisma® Cloud allows an authenticated user to execute arbitrary code as a non administrative user by scanning a malicious terraform file when using Checkov in Prisma® Cloud. This issue impacts Checkov 3.0 versions earlier th...
CVE-2025-2180 Checkov by Prisma Cloud: Unsafe Deserialization of Terraform Files Allows Code Execution
An unsafe deserialization vulnerability in Palo Alto Networks Checkov by Prisma® Cloud allows an authenticated user to execute arbitrary code as a non administrative user by scanning a malicious terraform file when using Checkov in Prisma® Cloud. This issue impacts Checkov 3.0 versions earlier th...
CVE-2021-3040 Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.139. Checkov 1.0 versions are not impacted...
CVE-2021-3035 Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted...
Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted. Work around: Do not run Checkov on...