CVE-2024-21642 D-Tale server-side request forgery through Web uploads

D-Tale is a visualizer for Pandas data structures. Users hosting versions D-Tale prior to 3.9.0 publicly can be vulnerable to server-side request forgery SSRF, allowing attackers to access files on the server. Users should upgrade to version 3.9.0, where the Load From the Web input is turned off ...

Man Group D-Tale Code Issue Vulnerability

Man Group D-Tale is a pandas data structure visualization tool from Man Group. A code issue vulnerability exists in Man Group D-Tale versions prior to 3.9.0. An attacker could exploit the vulnerability to gain access to files on the server...

PT-2024-18992 · D-Tale · D-Tale

Name of the Vulnerable Software and Affected Versions: D-Tale versions prior to 3.9.0 Description: D-Tale is a visualizer for Pandas data structures. Users hosting versions prior to 3.9.0 publicly can be vulnerable to server-side request forgery SSRF, allowing attackers to access files on the...

CVE-2023-46134

D-Tale is the combination of a Flask back-end and a React front-end to view & analyze Pandas data structures. Prior to version 3.7.0, users hosting D-Tale publicly can be vulnerable to remote code execution, allowing attackers to run malicious code on the server. This issue has been patched in...

CVE-2023-46134

CVE-2023-46134 concerns D-Tale, a Flask back-end + React front-end tool for Pandas data. The vulnerability arises from the Custom Filter input, enabling remote code execution when D-Tale is hosted publicly and the input is not properly restricted. The issue was patched in version 3.7.0 by turning...

CVE-2023-46134 D-Tale vulnerable to Remote Code Execution through the Custom Filter Input

D-Tale is the combination of a Flask back-end and a React front-end to view & analyze Pandas data structures. Prior to version 3.7.0, users hosting D-Tale publicly can be vulnerable to remote code execution, allowing attackers to run malicious code on the server. This issue has been patched in...

CVE-2023-46134 D-Tale vulnerable to Remote Code Execution through the Custom Filter Input

D-Tale is the combination of a Flask back-end and a React front-end to view & analyze Pandas data structures. Prior to version 3.7.0, users hosting D-Tale publicly can be vulnerable to remote code execution, allowing attackers to run malicious code on the server. This issue has been patched in...

CVE-2023-46134 D-Tale vulnerable to Remote Code Execution through the Custom Filter Input

D-Tale is the combination of a Flask back-end and a React front-end to view & analyze Pandas data structures. Prior to version 3.7.0, users hosting D-Tale publicly can be vulnerable to remote code execution, allowing attackers to run malicious code on the server. This issue has been patched in...

GHSA-JQ6C-R9XF-QXJM dtale vulnerable to Remote Code Execution through the Custom Filter Input

Impact Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. Patches Users should upgrade to version 3.7.0 where the "Custom Filter" input is turned off by default. You can find out more information on how to turn it back ...

D-Tale Security Breach

Man Group D-Tale is a pandas data structure visualization tool from Man Group. A security vulnerability exists in D-Tale versions prior to 3.7.0 that stems from a possible vulnerability to remote code execution attacks, which could allow an attacker to run malicious code on the server...

PT-2023-29867 · D-Tale · D-Tale

Name of the Vulnerable Software and Affected Versions: D-Tale versions prior to 3.7.0 Description: The issue allows remote code execution, enabling attackers to run malicious code on the server. This is particularly concerning for users hosting D-Tale publicly. The estimated number of potentially...