Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/python-virtualenv@1.9.1-1?distro=trixie
purl pkg:deb/debian/python-virtualenv@1.9.1-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-ezkx-6k4g-n3az pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a "pip install" operation. CVE-2013-1629
GHSA-g3p5-fjj9-h8gj
PYSEC-2013-8

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T09:26:42.567776+00:00 Debian Importer Fixing VCID-ezkx-6k4g-n3az https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-11T18:18:07.574382+00:00 Debian Importer Fixing VCID-ezkx-6k4g-n3az https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:50:56.333083+00:00 Debian Importer Fixing VCID-ezkx-6k4g-n3az https://security-tracker.debian.org/tracker/data/json 38.1.0