vulnerability
Alma Linux: CVE-2024-53899: Important: python36:3.6 security update (ALSA-2024-10953)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:S/C:C/I:C/A:C) | Nov 24, 2024 | Dec 19, 2024 | Aug 11, 2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:S/C:C/I:C/A:C)
Published
Nov 24, 2024
Added
Dec 19, 2024
Modified
Aug 11, 2025
Description
virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic template strings are not quoted correctly when replacing. NOTE: this is not the same as CVE-2024-9287.
Solutions
alma-upgrade-python-nose-docsalma-upgrade-python-pymongo-docalma-upgrade-python-sqlalchemy-docalma-upgrade-python-virtualenv-docalma-upgrade-python3-bsonalma-upgrade-python3-distroalma-upgrade-python3-docsalma-upgrade-python3-docutilsalma-upgrade-python3-nosealma-upgrade-python3-pygmentsalma-upgrade-python3-pymongoalma-upgrade-python3-pymongo-gridfsalma-upgrade-python3-pymysqlalma-upgrade-python3-scipyalma-upgrade-python3-sqlalchemyalma-upgrade-python3-virtualenvalma-upgrade-python3-wheelalma-upgrade-python3-wheel-wheelalma-upgrade-python36alma-upgrade-python36-debugalma-upgrade-python36-develalma-upgrade-python36-rpm-macros
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.