VYPR

PyPI package

tqdm

pkg:pypi/tqdm

Vulnerabilities (2)

  • CVE-2024-34062MedMay 3, 2024
    affected >= 4.4.0, < 4.66.3fixed 4.66.3

    tqdm is an open source progress bar for Python and CLI. Any optional non-boolean CLI arguments (e.g. `--delim`, `--buf-size`, `--manpath`) are passed through python's `eval`, allowing arbitrary code execution. This issue is only locally exploitable and had been addressed in relea

  • CVE-2016-10075HigJan 19, 2017
    affected >= 4.4.1, < 4.11.2fixed 4.11.2

    The tqdm._version module in tqdm versions 4.4.1 and 4.10 allows local users to execute arbitrary code via a crafted repo with a malicious git log in the current working directory.