Lucene search
K

4 matches found

Cvelist
Cvelist
added 2023/10/25 8:51 p.m.20 views

CVE-2023-46134 D-Tale vulnerable to Remote Code Execution through the Custom Filter Input

D-Tale is the combination of a Flask back-end and a React front-end to view & analyze Pandas data structures. Prior to version 3.7.0, users hosting D-Tale publicly can be vulnerable to remote code execution, allowing attackers to run malicious code on the server. This issue has been patched in...

6.1CVSS9.8AI score0.00756EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/10/25 8:51 p.m.11 views

CVE-2023-46134 D-Tale vulnerable to Remote Code Execution through the Custom Filter Input

D-Tale is the combination of a Flask back-end and a React front-end to view & analyze Pandas data structures. Prior to version 3.7.0, users hosting D-Tale publicly can be vulnerable to remote code execution, allowing attackers to run malicious code on the server. This issue has been patched in...

6.1CVSS7.5AI score0.00756EPSS
Exploits0References2
CVE
CVE
added 2023/10/25 8:51 p.m.76 views

CVE-2023-46134

CVE-2023-46134 concerns D-Tale, a Flask back-end + React front-end tool for Pandas data. The vulnerability arises from the Custom Filter input, enabling remote code execution when D-Tale is hosted publicly and the input is not properly restricted. The issue was patched in version 3.7.0 by turning...

9.8CVSS8AI score0.00756EPSS
Exploits0References2Affected Software1
vulnersOsv
vulnersOsv
added 2023/10/25 2:20 p.m.6 views

airi-test-task (=0.1.0), dtaledesktop (>=0.0.1 <=0.1.3) +13 more potentially affected by CVE-2023-46134 via dtale (>=2.16.0 <=3.22.0)

dtale PYPI version =2.16.0, =0.0.1, =0.1.0, =0.0.0.35, =0.1.1, =0.0.14, =0.0.5, =0.0.10, =1.0.0, =0.3.3, =0.1.0, =0.1.5 Source cves: CVE-2023-46134 Source advisory: OSV:GHSA-JQ6C-R9XF-QXJM...

9.8CVSS7.2AI score0.00756EPSS
Exploits0
Rows per page
Query Builder