Unrated severityNVD Advisory· Published Jun 10, 2021· Updated Sep 16, 2024
Bridgecrew Checkov: Unsafe deserialization of Terraform files allows code execution
CVE-2021-3040
Description
An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.139. Checkov 1.0 versions are not impacted.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3<2.0.139+ 1 more
- (no CPE)range: <2.0.139
- (no CPE)range: 2.0
Patches
Vulnerability mechanics
References
1- security.paloaltonetworks.com/CVE-2021-3040mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.