MiracleLinux 8 : python36:3.6 (AXSA:2024-9397:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9397:01 advisory. virtualenv: potential command injection via virtual environment activation scripts CVE-2024-53899 Tenable has extracted the preceding description block...

USN-7271-1 python-virtualenv vulnerability

It was discovered that virtualenv incorrectly handled paths when activating virtual environments. An attacker could possibly use this issue to execute arbitrary code...

Important: Red Hat Security Advisory: python36:3.6 security update

An update for the python36:3.6 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated...

SUSE CVE-2024-53899

virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287...

AZL-53645 CVE-2024-53899 affecting package python-virtualenv for versions less than 20.26.6-1

virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287...