PyPI package
pipenv
pkg:pypi/pipenv
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-21668 | — | >= 2018.10.9, < 2022.1.8 | 2022.1.8 | Jan 10, 2022 | pipenv is a Python development workflow tool. Starting with version 2018.10.9 and prior to version 2022.1.8, a flaw in pipenv's parsing of requirements files allows an attacker to insert a specially crafted string inside a comment anywhere within a requirements.txt file, which wi |
- CVE-2022-21668Jan 10, 2022affected >= 2018.10.9, < 2022.1.8fixed 2022.1.8
pipenv is a Python development workflow tool. Starting with version 2018.10.9 and prior to version 2022.1.8, a flaw in pipenv's parsing of requirements files allows an attacker to insert a specially crafted string inside a comment anywhere within a requirements.txt file, which wi