CVE-2024-55890 – D-Tale Remote Code Execution

12月 13, 2024
7:17 pm

CVE ID : CVE-2024-55890

Published : Dec. 13, 2024, 6:15 p.m. | 1 hour, 2 minutes ago

Description : D-Tale is a visualizer for pandas data structures. Prior to version 3.16.1, users hosting D-Tale publicly can be vulnerable to remote code execution allowing attackers to run malicious code on the server. Users should upgrade to version 3.16.1 where the `update-settings` endpoint blocks the ability for users to update the `enable_custom_filters` flag. The only workaround for versions earlier than 3.16.1 is to only host D-Tale to trusted users.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-55890 – D-Tale Remote Code Execution

Elvescore.io

Recent Posts

CVE-2024-12949 – Code-projects Travel Management System SQL Injection Vulnerability

CVE-2024-12950 – Adobe Code-Projects Travel Management System SQL Injection Vulnerability

CVE-2024-47148 – Honor Privilege Assignment Vulnerability

CVE-2024-47153 – Honor Information Leak Vulnerability

CVE-2024-47154 – Honor Information Leak Vulnerability

CVE-2024-47155 – Honor Information Leak Vulnerability

CVE-2024-55890 – D-Tale Remote Code Execution

CVE-2024-55890 – D-Tale Remote Code Execution