PT-2022-15021
Name of the Vulnerable Software and Affected Versions pipenv versions 2018.10.9 through 2022.1.8 Description A flaw in pipenv's parsing of requirements files allows an attacker to insert a specially crafted string inside a comment anywhere within a requirements.txt file. This will cause victims w...