1. Home
  2. Mapping Frameworks
  3. CVE Home
  4. zsh-autoswitch-virtualenv

CVE CVE-2020-11073 Mappings

In Autoswitch Python Virtualenv before version 0.16.0, a user who enters a directory with a malicious `.venv` file could run arbitrary code without any user interaction. This is fixed in version: 1.16.0

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CVE-2020-11073 zsh-autoswitch-virtualenv primary_impact T1059 Command and Scripting Interpreter
CVE-2020-11073 zsh-autoswitch-virtualenv exploitation_technique T1204.002 Malicious File