CVE-2024-34062

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Published May 3, 2024

Updated: Jun 10, 2024

CWE ID 74

Summary

CVE-2024-34062 is a vulnerability affecting the popular Python progress bar library, tqdm. This issue permits arbitrary code execution when any non-boolean argument is passed through the library's `eval` function. This vulnerability is exclusively local and was resolved in release version 4.66.3. Users are strongly urged to upgrade to this version to mitigate the risk. Unfortunately, there are currently no known workarounds for this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/vr_bG4
https://www.cve.org/CVERecord?id=CVE-2024-34062
https://nvd.nist.gov/vuln/detail/CVE-2024-34062

Back to Vulnerability Database

CVE-2024-34062

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations