INFSA-2024:10953: python36:3.6 security update
Information about definition
Identificator: INFSA-2024:10953
Type: security
Release date: 2025-06-26 18:15:03 UTC
Information about package
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Vulnerabilities description
- CVE-2024-53899
A flaw was found in the virtualenv Python package. Due to the improper handling of quotes in magic template strings, the virtual environment activation script is vulnerable to OS command injection,leading to the loss of confidentiality,integrity and availability of the system.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2024-53899
|
no information | 7.8 | no information |
Updated packages