Количество 32
Количество 32
CVE-2024-9287
A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected.
CVE-2024-9287
A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected.
CVE-2024-9287
A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected.
CVE-2024-9287
CVE-2024-9287
A vulnerability has been found in the CPython `venv` module and CLI wh ...
SUSE-SU-2025:0048-1
Security update for python312
SUSE-SU-2024:3959-1
Security update for python312
SUSE-SU-2024:3958-1
Security update for python311
SUSE-SU-2024:3957-1
Security update for python311
SUSE-SU-2024:3945-1
Security update for python39
SUSE-SU-2024:3944-1
Security update for python3
SUSE-SU-2024:3929-1
Security update for python36
SUSE-SU-2024:3924-1
Security update for python310
SUSE-SU-2024:3879-1
Security update for python3
ROS-20250212-03
Уязвимость python3
RLSA-2024:11111
Moderate: python3.11 security update
RLSA-2024:10979
Moderate: python3.11 security update
GHSA-grqq-hcc7-crmr
A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected.
ELSA-2024-11111
ELSA-2024-11111: python3.11 security update (MODERATE)
ELSA-2024-10979
ELSA-2024-10979: python3.11 security update (MODERATE)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-9287 A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected. | CVSS3: 7.8 | 0% Низкий | около 1 года назад |
 | CVE-2024-9287 A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected. | CVSS3: 6.3 | 0% Низкий | около 1 года назад |
 | CVE-2024-9287 A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected. | CVSS3: 7.8 | 0% Низкий | около 1 года назад |
 | CVSS3: 7.8 | 0% Низкий | 8 месяцев назад | |
| CVE-2024-9287 A vulnerability has been found in the CPython `venv` module and CLI wh ... | CVSS3: 7.8 | 0% Низкий | около 1 года назад |
 | SUSE-SU-2025:0048-1 Security update for python312 | 0% Низкий | 10 месяцев назад | |
| SUSE-SU-2024:3959-1 Security update for python312 | 0% Низкий | 12 месяцев назад | |
| SUSE-SU-2024:3958-1 Security update for python311 | 0% Низкий | 12 месяцев назад | |
| SUSE-SU-2024:3957-1 Security update for python311 | 0% Низкий | 12 месяцев назад | |
| SUSE-SU-2024:3945-1 Security update for python39 | 0% Низкий | 12 месяцев назад | |
| SUSE-SU-2024:3944-1 Security update for python3 | 0% Низкий | 12 месяцев назад | |
| SUSE-SU-2024:3929-1 Security update for python36 | 0% Низкий | 12 месяцев назад | |
| SUSE-SU-2024:3924-1 Security update for python310 | 0% Низкий | 12 месяцев назад | |
| SUSE-SU-2024:3879-1 Security update for python3 | 0% Низкий | около 1 года назад | |
 | ROS-20250212-03 Уязвимость python3 | CVSS3: 7.8 | 0% Низкий | 9 месяцев назад |
 | RLSA-2024:11111 Moderate: python3.11 security update | 0% Низкий | 8 месяцев назад | |
| RLSA-2024:10979 Moderate: python3.11 security update | 0% Низкий | 11 месяцев назад | |
| GHSA-grqq-hcc7-crmr A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected. | CVSS3: 7.8 | 0% Низкий | около 1 года назад |
| ELSA-2024-11111 ELSA-2024-11111: python3.11 security update (MODERATE) | 11 месяцев назад | ||
| ELSA-2024-10979 ELSA-2024-10979: python3.11 security update (MODERATE) | 11 месяцев назад |
Уязвимостей на страницу