EUVD-2020-30253

Malware in sbrugna...

USN-7216-1 tqdm vulnerability

It was discovered that tqdm did not properly sanitize non-boolean CLI Arguments. A local attacker could possibly use this issue to execute arbitrary code on the host. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. CVE-2024-34062...

Medium: python-tqdm

Issue Overview: tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments e.g. --delim, --buf-size, --manpath are passed through python's eval, allowing arbitrary code execution. This issue is only locally exploitable and had been addressed in release version...

OESA-2024-1555 python-tqdm security update

tqdm derives from the Arabic word taqaddum which can mean "progress". Instantly make your loops show a smart progress meter - just wrap any iterable with tqdminterable, and you are done! Security Fixes: tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments...

SUSE CVE-2024-34062

tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments e.g. --delim, --buf-size, --manpath are passed through python's eval, allowing arbitrary code execution. This issue is only locally exploitable and had been addressed in release version 4.66.3. All user...

CVE-2024-34062 tqdm CLI arguments injection attack

tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments e.g. --delim, --buf-size, --manpath are passed through python's eval, allowing arbitrary code execution. This issue is only locally exploitable and had been addressed in release version 4.66.3. All user...

PT-2024-25674

Name of the Vulnerable Software and Affected Versions tqdm versions prior to 4.66.3 Description tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments e.g. --delim, --buf-size, --manpath are passed through python's eval, allowing arbitrary code execution...

SUSE CVE-2015-8857

The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean expressions, which might allow attackers to bypass security mechanisms or possibly have unspecified other impact by leveraging improperly rewritten Javascript...

CVE-2020-9434

opensslx509checkipasc in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses luapushboolean for certain non-boolean return values...

CVE-2020-9434

opensslx509checkipasc in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses luapushboolean for certain non-boolean return values...

Security Bulletin: Security vulnerabilities have been identified in IBM Data Science Experience Local - Incorrect Handling of Non-Boolean Comparison During Minification

Summary IBM Data Science Experience Local - Information about security vulnerability concerning the incorrect handling of non-boolean comparison during minification. uglify-js package has been updated to a version with the fix. Vulnerability Details Please consult this advisory for more informati...

DEBIAN-CVE-2015-8857

The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean expressions, which might allow attackers to bypass security mechanisms or possibly have unspecified other impact by leveraging improperly rewritten Javascript...

UBUNTU-CVE-2015-8857

The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean expressions, which might allow attackers to bypass security mechanisms or possibly have unspecified other impact by leveraging improperly rewritten Javascript...

Joyent Node.js UglifyJS Security Bypass Vulnerability

Joyent Node.js is a web application platform built on top of Google's V8 JavaScript engine. A security vulnerability in Joyent Node.js UglifyJS allows remote attackers to alter functionality using specially crafted Javascript files, as the program fails to properly handle Non-Boolean comparisons...