To report a security vulnerability, please use the Tidelift security contact. Tidelift will coordinate the fix and disclosure.
Security: pypa/pipenv
Security
SECURITY.md
-
Pipenv's requirements.txt parsing allows malicious index url in commentsGHSA-qc9x-gjcv-465w published
Jan 8, 2022 by frostmingHigh
Learn more about advisories related to pypa/pipenv in the GitHub Advisory Database