tqdm CLI arguments injection attack

Impact Any optional non-boolean CLI arguments e.g. --delim, --buf-size, --manpath are passed through python's eval, allowing arbitrary code execution. Example: sh python -m tqdm --manpath="" + strexec"import os\nos.system'echo hi && killall python3'" + "" Patches...

DEBIAN-CVE-2024-34062

tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments e.g. --delim, --buf-size, --manpath are passed through python's eval, allowing arbitrary code execution. This issue is only locally exploitable and had been addressed in release version 4.66.3. All user...

CVE-2024-34062 tqdm CLI arguments injection attack

tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments e.g. --delim, --buf-size, --manpath are passed through python's eval, allowing arbitrary code execution. This issue is only locally exploitable and had been addressed in release version 4.66.3. All user...

tqdm 安全漏洞

tqdm is a fast, extensible progress bar for Python and the CLI from the tqdm open source. A security vulnerability exists in versions of tqdm prior to 4.66.3, which stems from the fact that any optional non-Boolean CLI arguments can be passed through python's eval, allowing arbitrary code executi...

GHSA-R56X-J438-VW5M vyper performs double eval of the slice start/length args in certain cases

Summary Using the slice builtin can result in a double eval vulnerability when the buffer argument is either msg.data, self.code or .code and either the start or length arguments have side-effects. A contract search was performed and no vulnerable contracts were found in production. Having...

vyper performs double eval of the slice start/length args in certain cases

Summary Using the slice builtin can result in a double eval vulnerability when the buffer argument is either msg.data, self.code or .code and either the start or length arguments have side-effects. A contract search was performed and no vulnerable contracts were found in production. Having...

CVE-2024-32649

Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the sqrt builtin can result in double eval vulnerability when the argument has side-effects. It can be seen that the buildIR function of the sqrt builtin doesn't cache the argument to...

CVE-2024-32647

Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the createfromblueprint builtin can result in a double eval vulnerability when rawargs=True and the args argument has side-effects. It can be seen that the buildcreateIR function of t...

CVE-2024-32646

Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the slice builtin can result in a double eval vulnerability when the buffer argument is either msg.data, self.code or .code and either the start or length arguments have side-effects...

CVE-2024-32649

Vyper CVE-2024-32649 affects versions 0.3.10 and earlier, where the sqrt builtin’s build_IR does not cache its argument, allowing potential double evaluation when the argument has side-effects. The affected component is the sqrt builtin in Vyper’s IR generation, leading to multiple evaluations of...

CVE-2024-32647 vyper performs double eval of raw_args in create_from_blueprint

Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the createfromblueprint builtin can result in a double eval vulnerability when rawargs=True and the args argument has side-effects. It can be seen that the buildcreateIR function of t...

CVE-2024-32647

Vyper vulnerability CVE-2024-32647 concerns the create_from_blueprint builtin prior to version 0.3.11. The root cause is that the _build_create_IR path does not cache the args parameter on the stack when raw_args=True and args have side-effects, allowing the argument to be evaluated multiple time...

CVE-2024-32646 vyper performs double eval of the slice args when buffer from adhoc locations

Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the slice builtin can result in a double eval vulnerability when the buffer argument is either msg.data, self.code or .code and either the start or length arguments have side-effects...

CVE-2024-32646

Vyper CVE-2024-32646 affects the Pythonic smart contract language. The vulnerability concerns the builtin slice when the buffer is msg.data, self.code, or .code and either the start or length has side-effects, causing a double evaluation of those side-effects. It is triggerable only in versions e...

NULL Pointer Dereference

Overview Affected versions of this package are vulnerable to NULL Pointer Dereference due to an erroneous lexical scope of this with eval. An attacker can cause a denial of service or potentially execute arbitrary code by triggering a NULL pointer dereference. PoC c function foo function Bar clas...

CVE-2023-48183

QuickJS before c4cdd61 has a buildforiniterator NULL pointer dereference because of an erroneous lexical scope of "this" with eval...

DEBIAN-CVE-2023-48183

QuickJS before c4cdd61 has a buildforiniterator NULL pointer dereference because of an erroneous lexical scope of "this" with eval...

CVE-2023-48183

QuickJS before c4cdd61 has a buildforiniterator NULL pointer dereference because of an erroneous lexical scope of "this" with eval...

CVE-2023-48183

QuickJS before c4cdd61 has a buildforiniterator NULL pointer dereference because of an erroneous lexical scope of "this" with eval...

UBUNTU-CVE-2023-48183

QuickJS before c4cdd61 has a buildforiniterator NULL pointer dereference because of an erroneous lexical scope of "this" with eval...