CVE-2024-42992

Name of the Vulnerable Software and Affected Versions Pandas version 2.2.2

Description A critical flaw was discovered in the Pandas library, allowing for arbitrary file reads, which risks sensitive data exposure. The library has been downloaded over 54 million times and is a cornerstone tool for data scientists, developers, and analysts across the globe.

Recommendations For Pandas version 2.2.2, limit its use in sensitive environments and stay vigilant until a patch is available. As a temporary workaround, consider restricting access to sensitive files and directories to minimize the risk of exploitation.