VYPR

Dtale

by Man Group

pypi: dtale

Source repositories

CVEs (5)

  • CVE-2024-21642HigJan 5, 2024
    risk 0.42cvss 7.5epss 0.01

    D-Tale is a visualizer for Pandas data structures. Users hosting versions D-Tale prior to 3.9.0 publicly can be vulnerable to server-side request forgery (SSRF), allowing attackers to access files on the server. Users should upgrade to version 3.9.0, where the `Load From the…

  • CVE-2024-55890MedDec 13, 2024
    risk 0.38cvss epss 0.01

    D-Tale is a visualizer for pandas data structures. Prior to version 3.16.1, users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. Users should upgrade to version 3.16.1 where the `update-settings`…

  • CVE-2024-45595MedSep 10, 2024
    risk 0.33cvss 6.1epss 0.01

    D-Tale is a visualizer for Pandas data structures. Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. Users should upgrade to version 3.14.1 where the "Custom Filter" input is turned off by default.

  • CVE-2023-46134MedOct 25, 2023
    risk 0.33cvss 6.1epss 0.01

    D-Tale is the combination of a Flask back-end and a React front-end to view & analyze Pandas data structures. Prior to version 3.7.0, users hosting D-Tale publicly can be vulnerable to remote code execution, allowing attackers to run malicious code on the server. This issue has…

  • CVE-2026-27194Feb 21, 2026
    risk 0.00cvss epss 0.01

    D-Tale is a visualizer for pandas data structures. Versions prior to 3.20.0 are vulnerable to Remote Code Execution through the /save-column-filter endpoint. Users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the…