Aschonfeld

**Name of the Vulnerable Software and Affected Versions** D-Tale versions prior to 3.20.0 **Description** D-Tale, a visualizer for pandas data structures, has an issue allowing for Remote Code Execution. This is due to a flaw in the `/save-column-filter` API endpoint. Publicly hosted instances of D-Tale are susceptible, potentially allowing attackers to execute malicious code on the server. The `save-column-filter` endpoint is the entry point for this issue. **Recommendations** Update to version 3.20.0 or later.