VYPR

rpm package

opensuse/python-virtualenv&distro=openSUSE Leap 15.6

pkg:rpm/opensuse/python-virtualenv&distro=openSUSE%20Leap%2015.6

Vulnerabilities (2)

  • CVE-2026-22702Jan 10, 2026
    affected < 20.22.0-150400.9.9.1fixed 20.22.0-150400.9.9.1

    virtualenv is a tool for creating isolated virtual python environments. Prior to version 20.36.1, TOCTOU (Time-of-Check-Time-of-Use) vulnerabilities in virtualenv allow local attackers to perform symlink-based attacks on directory creation operations. An attacker with local acces

  • CVE-2024-53899Nov 24, 2024
    affected < 20.22.0-150400.9.6.1fixed 20.22.0-150400.9.6.1

    virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287.