2 matches found
Amazon Linux 2023 : python3-virtualenv (ALAS2023-2025-831)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-831 advisory. virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as...
PYSEC-2024-187
virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287...