| Release | Version |
|---|---|
| bullseye | 20.4.0+ds-2+deb11u1 |
| bookworm | 20.17.1+ds-1 |
| trixie | 20.31.2+ds-1 |
| forky | 20.35.3+ds-1 |
| sid | 20.35.3+ds-1 |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2024-53899 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | fixed | fixed | fixed | virtualenv before 20.26.6 allows command injection through the activat ... |
| Bug | Description |
|---|---|
| CVE-2013-1629 | pip before 1.3 uses HTTP to retrieve packages from the PyPI repository ... |
| CVE-2011-4617 | virtualenv.py in virtualenv before 1.5 allows local users to overwrite ... |