In Autoswitch Python Virtualenv before version 0.16.0, a user who enters a directory with a malicious `.venv` file could run arbitrary code without any user interaction. This is fixed in version: 1.16.0
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
autoswitch python virtualenv project autoswitch python virtualenv |