Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Ops CLI Deserialization of Untrusted Data leads to Abritrary Code Execution
Vulnerability Description
Ops CLI version 2.0.4 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary code execution when the checkout_repo function is called on a maliciously crafted file. An attacker can leverage this to execute arbitrary code on the victim machine.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
可信数据的反序列化
Vulnerability Title
Adobe Ops-cli 代码问题漏洞
Vulnerability Description
Adobe Ops-cli是美国Adobe公司的一个用于云自动化的 Terraform、Ansible、Helmfile 和 Ssh 的 Cli 包装器。 Adobe ops-cli 存在代码问题漏洞,该漏洞源于产品在反序列化时未对输入数据做有效验证。攻击者可通过该漏洞在目标系统执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A