CVE-2020-11073
Published
CVSS v3
7.9
HIGH
CVSS v2
4.6
MEDIUM
Affected
1
PROJECT
Description
In Autoswitch Python Virtualenv before version 0.16.0, a user who enters a directory with a malicious `.venv` file could run arbitrary code without any user interaction. This is fixed in version: 1.16.0
🐍 ZSH plugin to automatically switch python virtualenvs (including pipenv and poetry) as you move between directories
GitHub