CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Virtualenv: >> Virtualenv >> 1.11.3 Security Vulnerabilities

CVE-2024-53899

virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287.

CVSS Score

7.8

EPSS Score

0.006

Published

2024-11-24

Page 1

Vulnerabilities

Vulnerable Software

Virtualenv: >> Virtualenv >> 1.11.3 Security Vulnerabilities

Products

Pricing

Contact Us