11 matches found
USN-7216-1: tqdm vulnerability
It was discovered that tqdm did not properly sanitize non-boolean CLI Arguments. A local attacker could possibly use this issue to execute arbitrary code on the host. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. CVE-2024-34062...
USN-7216-1 tqdm vulnerability
It was discovered that tqdm did not properly sanitize non-boolean CLI Arguments. A local attacker could possibly use this issue to execute arbitrary code on the host. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. CVE-2024-34062...
Ubuntu 22.04 LTS / 24.04 LTS : tqdm vulnerability (USN-7216-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-7216-1 advisory. It was discovered that tqdm did not properly sanitize non-boolean CLI Arguments. A local attacker could possibly use this issue to execute arbitrary...
Medium: python-tqdm
Issue Overview: tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments, e.g. --delim, --buf-size, --manpath, are passed through Python's eval, allowing arbitrary code execution. This issue is only locally exploitable and has been addressed in release version...
Medium: python-tqdm
Issue Overview: tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments, e.g. --delim, --buf-size, --manpath, are passed through Python's eval, allowing arbitrary code execution. This issue is only locally exploitable and has been addressed in release version...
2404-segmentation-pipeline (>=0.1.0 <=1.0.0), 3deecelltracker (>=0.5.0a0 <=0.5.2a0) +2326 more potentially affected by CVE-2024-34062 via tqdm (>=4.50.0 <=4.66.2)
tqdm PYPI version =4.50.0, =0.1.0, =0.5.0a0, =0.0.3, =0.0.2, =0.0.5, =1.0.0, =2.0.0, =0.0.1b1, =0.7.1, =0.11.0 - ac-solver =0.1.0 and more Source cves: CVE-2024-34062 Source advisory: OSV:GHSA-G7VV-2V7X-GJ9P...
DEBIAN-CVE-2024-34062
tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments, e.g. --delim, --buf-size, --manpath, are passed through Python's eval, allowing arbitrary code execution. This issue is only locally exploitable and has been addressed in release version 4.66.3. All user...
PYSEC-2017-74
The tqdm.version module in tqdm versions 4.4.1 and 4.10 allows local users to execute arbitrary code via a crafted repo with a malicious git log in the current working directory...
axelrod (>=1.9.0 <=2.10.0), chromatopy (>=1.8.0 <=1.9.0) +8 more potentially affected by CVE-2016-10075 via tqdm (>=2.2.3 <=3.8.0)
tqdm PYPI version =2.2.3, =1.9.0, =1.8.0, =0.3.0, =0.0.7, =0.0.102, =1.5.2, =0.1.0, =0.0.3, =0.0.4 Source cves: CVE-2016-10075 Source advisory: OSV:PYSEC-2017-74...
UBUNTU-CVE-2016-10075
The tqdm.version module in tqdm versions 4.4.1 and 4.10 allows local users to execute arbitrary code via a crafted repo with a malicious git log in the current working directory...
tqdm Remote Code Execution Vulnerability
tqdm is a fast, scalable progress meter for Python. A remote code execution vulnerability exists in tqdm. An attacker can exploit this vulnerability to execute arbitrary code in the context of an affected application...