CVE-2021-40720

Severity CVSS v4.0:
Pending analysis
Type:
CWE-502 Deserialization of Untrusted Dat
Publication date:
15/10/2021
Last modified:
20/10/2021

Description

Ops CLI version 2.0.4 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary code execution when the checkout_repo function is called on a maliciously crafted file. An attacker can leverage this to execute arbitrary code on the victim machine.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:adobe:ops-cli:*:*:*:*:*:*:*:* 2.0.5 (excluding)


References to Advisories, Solutions, and Tools