View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2016-10075 severity important: SUSE including 8 source package names (python-tqdm-bash-completion-4.62.2-1.2, python-tqdm-bash-completion-4.66.1-150400.9.3.1, …), 8 product×package rows across 3 product lines (SUSE Linux Enterprise Module for Python 3 15 SP6, SUSE Linux Enterprise Server 16.0, openSUSE Tumbleweed): Fixed 8.
The tqdm._version module in tqdm versions 4.4.1 and 4.10 allows local users to execute arbitrary code via a crafted repo with a malicious git log in the current working directory.