CVE-2021-40720

Summary

Ops CLI version 2.0.4 (and earlier) is affected by a Deserialization of Untrusted Data vulnerability to achieve arbitrary code execution when the checkout_repo function is called on a maliciously crafted file. An attacker can leverage this to execute arbitrary code on the victim machine.

Affected Software

VendorProductVersion RangeStatus
AdobeOps-CLIunspecified <= 2.0.4affected
AdobeOps-CLIunspecified <= Noneaffected

Weaknesses

  • CWE-502: Deserialization of Untrusted Data (CWE-502)

ADP Enrichment

CVE Program Container

Additional References

References