9.8
CVSSv3

CVE-2024-53899

Published: 24/11/2024 Updated: 26/11/2024

Vulnerability Summary

virtualenv prior to 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

virtualenv virtualenv