Lucene search
Redhat.comRH:CVE-2024-34062HistoryMay 03, 2024 - 5:54 p.m.
CVE-2024-34062
2024-05-0317:54:42
redhat.com
access.redhat.com
8
cve-2024-34062
python-tqdm
vulnerability
local code execution
command line arguments
A flaw was found in python-tqdm. When processing non-boolean command line arguments, python-tqdm uses python’s eval function but fails to properly sanitize the input provided by the user. This flaw allows an attacker to trick a user into running python-tqdm with crafted command line arguments, resulting in local code execution.
Mitigation
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Related
cvelist
cvelist
CVE-2024-34062 tqdm CLI arguments injection attack
2024-05-03 09:55:26
github
github
tqdm CLI arguments injection attack
2024-05-03 19:33:28
nessus
nessus
Fedora 40 : python-tqdm (2024-35acb3b48f)
2024-05-16 00:00:00
Fedora 39 : python-tqdm (2024-ef71921bde)
2024-05-16 00:00:00
Fedora 38 : python-tqdm (2024-24e4bba70f)
2024-05-16 00:00:00
cgr
cgr
CVE-2024-34062 vulnerabilities
2024-05-19 03:07:16
osv
osv
CVE-2024-34062
2024-05-03 10:15:08
tqdm CLI arguments injection attack
2024-05-03 19:33:28
wolfi
wolfi
CVE-2024-34062 vulnerabilities
2024-06-02 22:01:16
cve
cve
CVE-2024-34062
2024-05-03 10:15:08
fedora
fedora
[SECURITY] Fedora 40 Update: python-tqdm-4.66.4-2.fc40
2024-05-16 01:52:32
[SECURITY] Fedora 39 Update: python-tqdm-4.66.4-2.fc39
2024-05-16 01:09:30
[SECURITY] Fedora 38 Update: python-tqdm-4.66.4-2.fc38
2024-05-16 01:27:25
veracode
veracode
Code Injection
2024-05-06 11:52:57
debiancve
debiancve
CVE-2024-34062
2024-05-03 10:15:08
alpinelinux
alpinelinux
CVE-2024-34062
2024-05-03 10:15:08