CVE-2024-9287

{"id": "CVE-2024-9287", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}], "cvssMetricV40": [{"type": "Secondary", "source": "cna@python.org", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 5.3, "automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "GREEN", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "HIGH", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "HIGH", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "vulnerableSystemAvailability": "NONE", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "HIGH", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-10-22T17:15:06.697", "references": [{"url": "https://github.com/python/cpython/commit/633555735a023d3e4d92ba31da35b1205f9ecbd7", "tags": ["Patch"], "source": "cna@python.org"}, {"url": "https://github.com/python/cpython/commit/8450b2482586857d689b6658f08de9c8179af7db", "tags": ["Patch"], "source": "cna@python.org"}, {"url": "https://github.com/python/cpython/commit/9286ab3a107ea41bd3f3c3682ce2512692bdded8", "tags": ["Patch"], "source": "cna@python.org"}, {"url": "https://github.com/python/cpython/commit/ae961ae94bf19c8f8c7fbea3d1c25cc55ce8ae97", "tags": ["Patch"], "source": "cna@python.org"}, {"url": "https://github.com/python/cpython/commit/d48cc82ed25e26b02eb97c6263d95dcaa1e9111b", "tags": ["Patch"], "source": "cna@python.org"}, {"url": "https://github.com/python/cpython/commit/e52095a0c1005a87eed2276af7a1f2f66e2b6483", "tags": ["Patch"], "source": "cna@python.org"}, {"url": "https://github.com/python/cpython/issues/124651", "tags": ["Issue Tracking"], "source": "cna@python.org"}, {"url": "https://github.com/python/cpython/pull/124712", "tags": ["Issue Tracking", "Patch"], "source": "cna@python.org"}, {"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/RSPJ2B5JL22FG3TKUJ7D7DQ4N5JRRBZL/", "tags": ["Vendor Advisory"], "source": "cna@python.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "cna@python.org", "description": [{"lang": "en", "value": "CWE-428"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-77"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment \"activation\" scripts (ie \"source venv/bin/activate\"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie \"./venv/bin/python\") are not affected."}, {"lang": "es", "value": " Se ha encontrado una vulnerabilidad en el m\u00f3dulo `venv` de CPython y en la CLI donde los nombres de ruta proporcionados al crear un entorno virtual no se citaban correctamente, lo que permit\u00eda al creador inyectar comandos en los scripts de \"activaci\u00f3n\" del entorno virtual (es decir, \"source venv/bin/activate\"). Esto significa que los entornos virtuales controlados por el atacante pueden ejecutar comandos cuando el entorno virtual est\u00e1 activado. Los entornos virtuales que no son creados por un atacante o que no se activan antes de ser utilizados (es decir, \"./venv/bin/python\") no se ven afectados."}], "lastModified": "2025-02-10T18:47:16.547", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33E41245-604A-4967-85A8-F3DC04E6D0CC", "versionEndExcluding": "3.9.21"}, {"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B013F87A-0CEE-4DC1-AAFC-7EBDAC6576C5", "versionEndExcluding": "3.10.16", "versionStartIncluding": "3.10.0"}, {"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC875838-E29D-4D06-84DA-8F552FCFD726", "versionEndExcluding": "3.11.11", "versionStartIncluding": "3.11.0"}, {"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D4899490-179B-4EB7-9713-912862F62B94", "versionEndExcluding": "3.12.8", "versionStartIncluding": "3.12.0"}, {"criteria": "cpe:2.3:a:python:python:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B186E2B1-39FF-4264-AAC3-CF6D5E767F30", "versionEndExcluding": "3.13.1", "versionStartIncluding": "3.13.0"}, {"criteria": "cpe:2.3:a:python:python:3.14.0:alpha1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BAEA33EC-9685-4778-B77C-3E127BD31DB9"}], "operator": "OR"}]}], "sourceIdentifier": "cna@python.org"}