Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:40 a.m.11 views

CVE-2022-35861

pyenv 1.2.24 through 2.3.2 allows local users to gain privileges via a .python-version file in the current working directory. An attacker can craft a Python version string in .python-version to execute shims under their control. Shims are executables that pass a command along to a specific versio...

7.8CVSS7.2AI score0.00278EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/11/01 12:0 a.m.34 views

openSUSE 15 Security Update : pyenv (openSUSE-SU-2022:10183-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:10183-1 advisory. - pyenv 1.2.24 through 2.3.2 allows local users to gain privileges via a .python-version file in the current working directory. An attacker can cra...

7.8CVSS7.5AI score0.00278EPSS
Exploits0References4
CVE
CVE
added 2022/07/17 4:31 p.m.65 views

CVE-2022-35861

Summary: CVE-2022-35861 affects pyenv 1.2.24–2.3.2. A crafted .python-version in the current directory can cause relative path traversal in shim execution, enabling local privilege escalation. This is caused by an unvalidated version string used to construct the path to the command. Impact: local...

7.8CVSS7.8AI score0.00278EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2022/07/17 4:31 p.m.15 views

CVE-2022-35861

pyenv 1.2.24 through 2.3.2 allows local users to gain privileges via a .python-version file in the current working directory. An attacker can craft a Python version string in .python-version to execute shims under their control. Shims are executables that pass a command along to a specific versio...

7.8CVSS7.8AI score0.00278EPSS
Exploits0
Rows per page
Query Builder