Количество 28
Количество 28
BDU:2025-03332
Уязвимость модуля cpython языка программирования Python, позволяющая нарушителю нарушить выполнить произвольный код
CVE-2024-9287
A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected.
CVE-2024-9287
A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected.
CVE-2024-9287
A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected.
CVE-2024-9287
CVE-2024-9287
A vulnerability has been found in the CPython `venv` module and CLI wh ...
SUSE-SU-2025:0048-1
Security update for python312
SUSE-SU-2024:3959-1
Security update for python312
SUSE-SU-2024:3958-1
Security update for python311
SUSE-SU-2024:3957-1
Security update for python311
SUSE-SU-2024:3945-1
Security update for python39
SUSE-SU-2024:3944-1
Security update for python3
SUSE-SU-2024:3929-1
Security update for python36
SUSE-SU-2024:3924-1
Security update for python310
SUSE-SU-2024:3879-1
Security update for python3
ROS-20250212-03
Уязвимость python3
RLSA-2024:10979
Moderate: python3.11 security update
GHSA-grqq-hcc7-crmr
A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected.
ELSA-2024-11111
ELSA-2024-11111: python3.11 security update (MODERATE)
ELSA-2024-10979
ELSA-2024-10979: python3.11 security update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | BDU:2025-03332 Уязвимость модуля cpython языка программирования Python, позволяющая нарушителю нарушить выполнить произвольный код | CVSS3: 7.8 | 0% Низкий | 8 месяцев назад |
 | CVE-2024-9287 A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected. | CVSS3: 7.8 | 0% Низкий | 8 месяцев назад |
 | CVE-2024-9287 A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected. | CVSS3: 6.3 | 0% Низкий | 8 месяцев назад |
 | CVE-2024-9287 A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected. | CVSS3: 7.8 | 0% Низкий | 8 месяцев назад |
 | CVSS3: 7.8 | 0% Низкий | 3 месяца назад | |
| CVE-2024-9287 A vulnerability has been found in the CPython `venv` module and CLI wh ... | CVSS3: 7.8 | 0% Низкий | 8 месяцев назад |
 | SUSE-SU-2025:0048-1 Security update for python312 | 0% Низкий | 5 месяцев назад | |
| SUSE-SU-2024:3959-1 Security update for python312 | 0% Низкий | 7 месяцев назад | |
| SUSE-SU-2024:3958-1 Security update for python311 | 0% Низкий | 7 месяцев назад | |
| SUSE-SU-2024:3957-1 Security update for python311 | 0% Низкий | 7 месяцев назад | |
| SUSE-SU-2024:3945-1 Security update for python39 | 0% Низкий | 7 месяцев назад | |
| SUSE-SU-2024:3944-1 Security update for python3 | 0% Низкий | 7 месяцев назад | |
| SUSE-SU-2024:3929-1 Security update for python36 | 0% Низкий | 7 месяцев назад | |
| SUSE-SU-2024:3924-1 Security update for python310 | 0% Низкий | 8 месяцев назад | |
| SUSE-SU-2024:3879-1 Security update for python3 | 0% Низкий | 8 месяцев назад | |
 | ROS-20250212-03 Уязвимость python3 | CVSS3: 7.8 | 0% Низкий | 4 месяца назад |
 | RLSA-2024:10979 Moderate: python3.11 security update | 0% Низкий | 6 месяцев назад | |
| GHSA-grqq-hcc7-crmr A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected. | CVSS3: 7.8 | 0% Низкий | 8 месяцев назад |
| ELSA-2024-11111 ELSA-2024-11111: python3.11 security update (MODERATE) | 6 месяцев назад | ||
| ELSA-2024-10979 ELSA-2024-10979: python3.11 security update (MODERATE) | 6 месяцев назад |
Уязвимостей на страницу