Critical severityNVD Advisory· Published Oct 15, 2021· Updated Sep 16, 2024
Ops CLI Deserialization of Untrusted Data leads to Abritrary Code Execution
CVE-2021-40720
Description
Ops CLI version 2.0.4 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary code execution when the checkout_repo function is called on a maliciously crafted file. An attacker can leverage this to execute arbitrary code on the victim machine.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
ops-cliPyPI | < 2.0.5 | 2.0.5 |
Affected products
2- Range: unspecified
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-x23q-4j9j-9cxwghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-40720ghsaADVISORY
- github.com/pypa/advisory-database/tree/main/vulns/ops-cli/PYSEC-2021-380.yamlghsaWEB
- helpx.adobe.com/security/products/ops_cli/apsb21-88.htmlghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.