Product:

Virtualenv

(Virtualenv)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 2
Date Id Summary Products Score Patch Annotated
2024-11-24 CVE-2024-53899 virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287. Virtualenv 7.8
2019-11-05 CVE-2013-5123 The mirroring support (-M, --use-mirrors) in Python Pip before 1.5 uses insecure DNS querying and authenticity checks which allows attackers to perform man-in-the-middle attacks. Debian_linux, Fedora, Pip, Openshift, Software_collections, Virtualenv N/A