VYPR

Bridgecrew Checkov

by Paloaltonetworks

CVEs (2)

  • CVE-2021-3040Jun 10, 2021
    risk 0.00cvss epss 0.01

    An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.139. Checkov 1.0 versions are not impacted.

  • CVE-2021-3035Apr 20, 2021
    risk 0.00cvss epss 0.01

    An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted.