CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

294 matches found

OPENSUSE Linux•added 2026/01/16 12:0 a.m.•3 views

python311-virtualenv-20.36.1-1.1 on GA media (moderate)

python311-virtualenv-20.36.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:10055-1 Rating: moderate Cross-References: CVE-2025-68146 CVE-2026-22702 CVSS scores: CVE-2025-68146 SUSE : 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N CVE-2025-68146 SUSE : 5.7...

5.7CVSS7.2AI score0.00184EPSS

Exploits1

OSV•added 2026/01/15 12:0 a.m.•0 views

OPENSUSE-SU-2026:10055-1 python311-virtualenv-20.36.1-1.1 on GA media

These are all security issues fixed in the python311-virtualenv-20.36.1-1.1 package on the GA media of openSUSE Tumbleweed...

6.5CVSS5.8AI score0.00184EPSS

Exploits1References2

vulnersOsv•added 2026/01/13 6:45 p.m.•2 views

5gasp-cli (>=0.1.0 <=0.4.0), ablator (=0.0.1b3) +353 more potentially affected by CVE-2026-22702 via virtualenv (>=12.1.1 <=20.35.4)

virtualenv PYPI version =12.1.1, =0.1.0, =2.0.1, =0.0.2, =0.1.0, =0.0.1a0, =0.2.0, =0.6.1.91, =1.5.0, =2024.7.4, =0.8.3b20230820, =0.8.3b20231012, =1.0.1b20240404 and more Source cves: CVE-2026-22702 Source advisory: OSV:GHSA-597G-3PHW-6986...

4.5CVSS5.8AI score0.00085EPSS

Exploits0

OSV•added 2026/01/13 6:45 p.m.•3 views

GHSA-597G-3PHW-6986 virtualenv Has TOCTOU Vulnerabilities in Directory Creation

Impact TOCTOU Time-of-Check-Time-of-Use vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local access can exploit a race condition between directory existence checks and creation to redirect virtualenv's appdat...

4.5CVSS6.4AI score0.00085EPSS

Exploits0References5

EUVD•added 2026/01/13 6:45 p.m.•4 views

EUVD-2026-1869

virtualenv Has TOCTOU Vulnerabilities in Directory Creation...

4.5CVSS6.1AI score0.00085EPSS

Exploits0References4

Microsoft CVE•added 2026/01/13 9:2 a.m.•1 views

virtualenv Has TOCTOU Vulnerabilities in Directory Creation

...

4.5CVSS5.4AI score0.00085EPSS

Exploits0

OSV•added 2026/01/13 8:53 a.m.•4 views

BIT-VIRTUALENV-2026-22702 virtualenv Has TOCTOU Vulnerabilities in Directory Creation

virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU Time-of-Check-Time-of-Use vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local access can exploit a rac...

4.5CVSS6.4AI score0.00085EPSS

Exploits0References4

SUSE CVE•added 2026/01/13 12:24 a.m.•2 views

SUSE CVE-2026-22702

4.5CVSS6.5AI score0.00085EPSS

Exploits0References5

Tenable Nessus•added 2026/01/13 12:0 a.m.•4 views

FreeBSD : virtualenv -- CWE-59: Improper Link Resolution Before File Access ('Link Following') (fd3855b8-efbc-11f0-9e3f-b0416f0c4c67)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the fd3855b8-efbc-11f0-9e3f-b0416f0c4c67 advisory. https://github.com/pypa/virtualenv/security/advisories/GHSA-597g-3phw-6986 reports: virtualenv is a too...

4.5CVSS5.8AI score0.00085EPSS

Exploits0References3

OSV•added 2026/01/10 7:16 a.m.•3 views

AZL-74237 CVE-2026-22702 affecting package python-virtualenv 20.25.0-3

4.5CVSS5.7AI score0.00085EPSS

Exploits0References1

OSV•added 2026/01/10 7:16 a.m.•3 views

AZL-74210 CVE-2026-22702 affecting package python-virtualenv 20.26.6-2

4.5CVSS5.7AI score0.00085EPSS

Exploits0References1

NVD•added 2026/01/10 7:16 a.m.•5 views

CVE-2026-22702

4.5CVSS0.00085EPSS

Exploits0References3

OSV•added 2026/01/10 7:16 a.m.•3 views

UBUNTU-CVE-2026-22702

4.5CVSS5.7AI score0.00085EPSS

Exploits0References5

vulnersOsv•added 2026/01/10 6:53 a.m.•4 views

5gasp-cli (>=0.1.0 <=0.4.0), ablator (=0.0.1b3) +317 more potentially affected by CVE-2026-22702 via virtualenv (>=20.0.17 <=20.35.4)

virtualenv PYPI version =20.0.17, =0.1.0, =0.0.2, =0.1.0, =0.0.1a0, =0.2.0, =0.6.1.91, =1.5.0, =2024.7.4, =0.8.3b20230820, =0.8.3b20231012, =0.8.3b20231012, =1.0.1b20240404 and more Source cves: CVE-2026-22702 Source advisory: SNYK:PYTHON-VIRTUALENV-14912451...

4.5CVSS5.8AI score0.00085EPSS

Exploits0

Snyk•added 2026/01/10 6:53 a.m.•3 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via a race condition in the directory creation process. An attacker can gain unauthorized access to sensitive data or modify files by exploiting a time gap between directory existence checks and their creation, redirectin...

4.5CVSS6.7AI score0.00085EPSS

Exploits0References2

Cvelist•added 2026/01/10 6:5 a.m.•25 views

CVE-2026-22702 virtualenv Has TOCTOU Vulnerabilities in Directory Creation

4.5CVSS0.00085EPSS

Exploits0References3

CVE•added 2026/01/10 6:5 a.m.•22 views

CVE-2026-22702

CVE-2026-22702 concerns the Python tool for creating isolated environments, virtualenv. The issue is a TOCTOU race in directory creation where a local attacker can exploit a window between existence checks and creation to redirect virtualenv’s app_data and lock files to attacker-controlled locati...

4.5CVSS6.1AI score0.00085EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2026/01/10 6:5 a.m.•2 views

CVE-2026-22702 virtualenv Has TOCTOU Vulnerabilities in Directory Creation

4.5CVSS6.1AI score0.00085EPSS

Exploits0References3

Debian CVE•added 2026/01/10 6:5 a.m.•3 views

CVE-2026-22702

4.5CVSS5.4AI score0.00085EPSS

Exploits0

CNNVD•added 2026/01/10 12:0 a.m.•2 views

virtualenv 竞争条件问题漏洞

Virtualenv is an open source Python virtual environment builder from Python Packaging Authority. A competing conditional issue vulnerability exists in versions prior to virtualenv 20.36.1, which stems from a TOCTOU vulnerability in the directory creation operation that could lead to a symbolic...

4.5CVSS6.3AI score0.00085EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by