4 matches found
CVE-2023-46134 D-Tale vulnerable to Remote Code Execution through the Custom Filter Input
D-Tale is the combination of a Flask back-end and a React front-end to view & analyze Pandas data structures. Prior to version 3.7.0, users hosting D-Tale publicly can be vulnerable to remote code execution, allowing attackers to run malicious code on the server. This issue has been patched in...
CVE-2023-46134 D-Tale vulnerable to Remote Code Execution through the Custom Filter Input
D-Tale is the combination of a Flask back-end and a React front-end to view & analyze Pandas data structures. Prior to version 3.7.0, users hosting D-Tale publicly can be vulnerable to remote code execution, allowing attackers to run malicious code on the server. This issue has been patched in...
CVE-2023-46134
CVE-2023-46134 concerns D-Tale, a Flask back-end + React front-end tool for Pandas data. The vulnerability arises from the Custom Filter input, enabling remote code execution when D-Tale is hosted publicly and the input is not properly restricted. The issue was patched in version 3.7.0 by turning...
airi-test-task (=0.1.0), dtaledesktop (>=0.0.1 <=0.1.3) +13 more potentially affected by CVE-2023-46134 via dtale (>=2.16.0 <=3.22.0)
dtale PYPI version =2.16.0, =0.0.1, =0.1.0, =0.0.0.35, =0.1.1, =0.0.14, =0.0.5, =0.0.10, =1.0.0, =0.3.3, =0.1.0, =0.1.5 Source cves: CVE-2023-46134 Source advisory: OSV:GHSA-JQ6C-R9XF-QXJM...