
294 matches found

OpenVAS
added 2025/02/25 12:0 a.m., 6 views

Ubuntu: Security Advisory (USN-7271-2)

The remote host is missing an update for the...

CVSS 8.4, AI score 7.7, EPSS 0.01526
Exploits 1, References 2
OpenVAS
added 2025/02/19 12:0 a.m., 10 views

Ubuntu: Security Advisory (USN-7271-1)

The remote host is missing an update for the...

CVSS 8.4, AI score 7.7, EPSS 0.01526
Exploits 1, References 2
Ubuntu
added 2025/02/18 1:32 p.m., 12 views

USN-7271-1: virtualenv vulnerability

It was discovered that virtualenv incorrectly handled paths when activating virtual environments. An attacker could possibly use this issue to execute arbitrary code...

CVSS 8.4, AI score 7.7, EPSS 0.01526
Exploits 1
OSV
added 2025/02/18 1:32 p.m., 2 views

USN-7271-1 python-virtualenv vulnerability

It was discovered that virtualenv incorrectly handled paths when activating virtual environments. An attacker could possibly use this issue to execute arbitrary code...

CVSS 8.4, AI score 5.8, EPSS 0.01526
Exploits 1, References 2
Tenable Nessus
added 2025/02/18 12:0 a.m., 6 views

Ubuntu 20.04 LTS / 22.04 LTS : virtualenv vulnerability (USN-7271-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7271-1 advisory. It was discovered that virtualenv incorrectly handled paths when activating virtual environments. An attacker could possibly use this issue to execute...

CVSS 8.4, AI score 8.2, EPSS 0.01526
Exploits 1, References 2
RedhatCVE
added 2025/02/05 2:9 p.m., 6 views

CVE-2020-11073

In Autoswitch Python Virtualenv before version 0.16.0, a user who enters a directory with a malicious .venv file could run arbitrary code without any user interaction. This is fixed in version: 1.16.0...

CVSS 7.9, AI score 7.2, EPSS 0.00542
Exploits 1, References 1
Amazon
added 2025/02/05 12:0 a.m., 3 views

Important: python-virtualenv

Issue Overview: virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287. CVE-2024-53899 Affected Packages: python-virtualenv Issue...

CVSS 8.4, AI score 8, EPSS 0.01526
Exploits 1
Tenable Nessus
added 2025/02/05 12:0 a.m., 13 views

Amazon Linux 2023 : python3-virtualenv (ALAS2023-2025-831)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-831 advisory. virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as...

CVSS 8.4, AI score 7.3, EPSS 0.01526
Exploits 1, References 4
Amazon
added 2025/02/05 12:0 a.m., 3 views

Important: python-virtualenv

Issue Overview: virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287. CVE-2024-53899 Affected Packages: python-virtualenv Issue...

CVSS 8.4, AI score 8.2, EPSS 0.01526
Exploits 1
BDU FSTEC
added 2025/02/05 12:0 a.m., 2 views

A vulnerability in the Python virtualenv activation scripts allows an attacker to execute arbitrary commands.

The vulnerability in the Python virtualenv activation scripts is caused by a failure to neutralize special elements used in operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

CVSS 10, AI score 7.6, EPSS 0.01526
Exploits 1, References 8, Affected Software 4
OSV
added 2025/01/10 10:4 a.m., 3 views

CLSA-2025-1736503464 python3.9: Fix of CVE-2024-9287

CVE-2024-9287: Fix improperly quoting path names in virtual environment creation to prevent command injection in activation scripts...

CVSS 7.8, AI score 6.8, EPSS 0.00647
Exploits 0, References 1
Oracle linux
added 2025/01/10 12:0 a.m., 8 views

python-virtualenv security update

15.1.0-7.0.1 - Fixes CVE-2024-53899 Quote template strings in activation scripts Orabug: 37396464...

CVSS 7.8, AI score 6.9, EPSS 0.01526
Exploits 1
RedHat Linux
added 2025/01/01 9:32 a.m., 4 views

virtualenv: potential command injection via virtual environment activation scripts

A flaw was found in the virtualenv Python package. Due to the improper handling of quotes in magic template strings, the virtual environment activation script is vulnerable to OS command injection, leading to the loss of confidentiality, integrity and availability of the system...

CVSS 8.4, AI score 5.7, EPSS 0.01526
Exploits 1, References 7
RedHat Linux
added 2025/01/01 9:32 a.m., 19 views

Important: Red Hat Security Advisory: python36:3.6 security update

An update for the python36:3.6 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated...

CVSS 8.4, AI score 7.2, EPSS 0.01526
Exploits 1, References 2
Tenable Nessus
added 2025/01/01 12:0 a.m., 8 views

RHEL 8 : python36:3.6 (RHSA-2025:0002)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0002 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic dat...

CVSS 8.4, AI score 7.8, EPSS 0.01526
Exploits 1, References 4
Microsoft CVE
added 2024/12/20 12:0 a.m., 3 views

CVE-2024-53899

...

CVSS 8.4, AI score 7.2, EPSS 0.01526
Exploits 1
CBLMariner
added 2024/12/19 12:10 a.m., 8 views

CVE-2024-53899 affecting package python-virtualenv for versions less than 20.25.0-3

CVE-2024-53899 affecting package python-virtualenv for versions less than 20.25.0-3. A patched version of the package is available...

CVSS 8.4, AI score 7, EPSS 0.01526
Exploits 1
OSV
added 2024/12/18 10:5 a.m., 12 views

RHSA-2024:11048 Red Hat Security Advisory: python-virtualenv security update

Bulletin has no description...

CVSS 7.8, AI score 7.6, EPSS 0.01526
Exploits 1, References 10
Tenable Nessus
added 2024/12/18 12:0 a.m., 11 views

RHEL 8 : python36:3.6 (RHSA-2024:11094)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:11094 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

CVSS 8.4, AI score 7.8, EPSS 0.01526
Exploits 1, References 4
Tenable Nessus
added 2024/12/17 12:0 a.m., 10 views

RHEL 7 : python-virtualenv (RHSA-2024:11048)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:11048 advisory. Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains...

CVSS 8.4, AI score 7.8, EPSS 0.01526
Exploits 1, References 4