Lucene search
K

295 matches found

Tenable Nessus
Tenable Nessus
added 2024/12/17 12:0 a.m.10 views

RHEL 7 : python-virtualenv (RHSA-2024:11048)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:11048 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution forLinux on numerous hardware platforms. The virt:rhel module contains...

8.4CVSS7.8AI score0.01557EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/12/16 8:11 a.m.3 views

virtualenv: potential command injection via virtual environment activation scripts

A flaw was found in the virtualenv Python package. Due to the improper handling of quotes in magic template strings, the virtual environment activation script is vulnerable to OS command injection,leading to the loss of confidentiality,integrity and availability of the system...

8.4CVSS5.7AI score0.01557EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2024/12/16 8:1 a.m.3 views

virtualenv: potential command injection via virtual environment activation scripts

A flaw was found in the virtualenv Python package. Due to the improper handling of quotes in magic template strings, the virtual environment activation script is vulnerable to OS command injection,leading to the loss of confidentiality,integrity and availability of the system...

8.4CVSS5.7AI score0.01557EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2024/12/16 7:24 a.m.8 views

virtualenv: potential command injection via virtual environment activation scripts

A flaw was found in the virtualenv Python package. Due to the improper handling of quotes in magic template strings, the virtual environment activation script is vulnerable to OS command injection,leading to the loss of confidentiality,integrity and availability of the system...

8.4CVSS5.7AI score0.01557EPSS
Exploits1References7
RedHat Linux
RedHat Linux
added 2024/12/16 2:38 a.m.5 views

virtualenv: potential command injection via virtual environment activation scripts

A flaw was found in the virtualenv Python package. Due to the improper handling of quotes in magic template strings, the virtual environment activation script is vulnerable to OS command injection,leading to the loss of confidentiality,integrity and availability of the system...

8.4CVSS5.7AI score0.01557EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2024/12/12 12:0 a.m.13 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python3-virtualenv (SUSE-SU-2024:4143-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:4143-1 advisory. Security issue fixed: - CVE-2024-53899: Fixed a command injection through activation scripts bsc1233706...

8.4CVSS7.8AI score0.01557EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2024/12/12 12:0 a.m.13 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-virtualenv (SUSE-SU-2024:4093-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:4093-1 advisory. - CVE-2024-53899: Fixed a command injection through activation scripts bsc1233706 Tenable has extracted t...

8.4CVSS7.8AI score0.01557EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/12/11 4:20 p.m.2 views

virtualenv: potential command injection via virtual environment activation scripts

A flaw was found in the virtualenv Python package. Due to the improper handling of quotes in magic template strings, the virtual environment activation script is vulnerable to OS command injection,leading to the loss of confidentiality,integrity and availability of the system...

8.4CVSS5.7AI score0.01557EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2024/12/11 12:0 a.m.9 views

RHEL 8 : python36:3.6 (RHSA-2024:10953)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:10953 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic da...

8.4CVSS7.8AI score0.01557EPSS
Exploits1References4
AlmaLinux
AlmaLinux
added 2024/12/11 12:0 a.m.14 views

Important: python36:3.6 security update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fixes:...

8.4CVSS7.3AI score0.01557EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/12/03 12:0 a.m.8 views

openSUSE Security Advisory (SUSE-SU-2024:4143-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4CVSS8.3AI score0.01557EPSS
Exploits1References5
SUSE Linux
SUSE Linux
added 2024/12/02 7:50 p.m.0 views

Security update for python3-virtualenv

This update for python3-virtualenv fixes the following issues: Security issue fixed: CVE-2024-53899: Fixed a command injection through activation scripts bsc1233706 Non-security issue fixed: Relax version requirements that cannot be provided bsc1232072 Patch Instructions: To install this SUSE...

7.8CVSS8.7AI score0.01557EPSS
Exploits1References6
OSV
OSV
added 2024/12/02 7:50 p.m.11 views

SUSE-SU-2024:4143-1 Security update for python3-virtualenv

This update for python3-virtualenv fixes the following issues: Security issue fixed: - CVE-2024-53899: Fixed a command injection through activation scripts bsc1233706 Non-security issue fixed: - Relax version requirements that cannot be provided bsc1232072...

8.4CVSS8AI score0.01557EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/11/29 12:0 a.m.10 views

SUSE: Security Advisory (SUSE-SU-2024:4093-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4CVSS8.3AI score0.01557EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/11/29 12:0 a.m.12 views

openSUSE Security Advisory (SUSE-SU-2024:4093-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.4CVSS8.3AI score0.01557EPSS
Exploits1References4
SUSE Linux
SUSE Linux
added 2024/11/28 10:57 a.m.1 views

Security update for python-virtualenv

This update for python-virtualenv fixes the following issues: CVE-2024-53899: Fixed a command injection through activation scripts bsc1233706 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you c...

7.8CVSS8.7AI score0.01557EPSS
Exploits1References4
OSV
OSV
added 2024/11/28 10:57 a.m.12 views

SUSE-SU-2024:4093-1 Security update for python-virtualenv

This update for python-virtualenv fixes the following issues: - CVE-2024-53899: Fixed a command injection through activation scripts bsc1233706...

8.4CVSS8AI score0.01557EPSS
Exploits1References3
OSV
OSV
added 2024/11/27 7:23 p.m.23 views

BIT-VIRTUALENV-2024-53899

virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287...

8.4CVSS6.9AI score0.01557EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2024/11/26 3:47 a.m.3 views

SUSE CVE-2024-53899

virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287...

7.8CVSS8.6AI score0.01557EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2024/11/25 7:22 p.m.16 views

CVE-2024-53899

A flaw was found in the virtualenv Python package. Due to the improper handling of quotes in magic template strings, the virtual environment activation script is vulnerable to OS command injection,leading to the loss of confidentiality,integrity and availability of the system. Mitigation Mitigati...

7.8CVSS6.5AI score0.01557EPSS
Exploits1References6
Rows per page
Query Builder