ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2024.0299
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2024-0299)
Resumen:	The remote host is missing an update for the 'python-tqdm' package(s) announced via the MGASA-2024-0299 advisory.
Descripción:	Summary: The remote host is missing an update for the 'python-tqdm' package(s) announced via the MGASA-2024-0299 advisory. Vulnerability Insight: Any optional non-boolean CLI arguments (e.g. `--delim`, `--buf-size`, `--manpath`) are passed through python's `eval`, allowing arbitrary code execution. This issue is only locally exploitable. Affected Software/OS: 'python-tqdm' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-34062 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VA337CYUS4SLRFV2P6MX6MZ2LKFURKJC/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PA3GIGHPWAHCTT4UF57LTPZGWHAX3GW6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRECVQCCESHBS3UJOWNXQUIX725TKNY6/ https://github.com/tqdm/tqdm/commit/4e613f84ed2ae029559f539464df83fa91feb316 https://github.com/tqdm/tqdm/security/advisories/GHSA-g7vv-2v7x-gj9p
Copyright	Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.