Bitnami package
virtualenv
pkg:bitnami/virtualenv
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-22702 | — | < 20.36.1 | 20.36.1 | Jan 10, 2026 | virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU (Time-of-Check-Time-of-Use) vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local acces | ||
| CVE-2024-53899 | — | < 20.26.6 | 20.26.6 | Nov 24, 2024 | virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287. |
- CVE-2026-22702Jan 10, 2026affected < 20.36.1fixed 20.36.1
virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU (Time-of-Check-Time-of-Use) vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local acces
- CVE-2024-53899Nov 24, 2024affected < 20.26.6fixed 20.26.6
virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287.