Unrated severityNVD Advisory· Published Apr 20, 2021· Updated Sep 17, 2024
Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution
CVE-2021-3035
Description
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: >=2.0.0 <2.0.26
- Range: 2.0
Patches
Vulnerability mechanics
References
1- security.paloaltonetworks.com/CVE-2021-3035mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.