Should I Manually Patch the Pandas DataFrame.query() Vulnerability or Wait for an Official Update?
I’m currently addressing the Pandas DataFrame.query() Code Injection vulnerability, which allows arbitrary code execution if unsafe user input is processed by the .query() method. I understand this issue arises because the query() method can execute expressions within the context of the DataFrame, potentially leading to security risks.
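One mitigation for the risk described in the question, as an added example that is not part of the original post and is not pandas code: an allow-list check built on Python's `ast` module that accepts only comparisons on known columns before a string reaches `.query()`. The names `validate_query`, `is_safe`, `UnsafeQueryError` and `MAX_LEN` are hypothetical, and limiting user filters to this small grammar is an assumption about what the application needs.

```python
import ast

# Syntax accepted in a user-supplied filter: comparisons joined by
# and/or/not over column names and literals. Calls, attribute access,
# subscripts, arithmetic and containers are not listed, so they are rejected.
_ALLOWED_NODES = (
    ast.Expression, ast.BoolOp, ast.And, ast.Or, ast.UnaryOp, ast.Not,
    ast.Compare, ast.Eq, ast.NotEq, ast.Lt, ast.LtE, ast.Gt, ast.GtE,
    ast.Name, ast.Load, ast.Constant,
)
_ALLOWED_LITERALS = (int, float, str)  # bool passes as a subclass of int
MAX_LEN = 200  # hypothetical cap; also bounds parser nesting depth


class UnsafeQueryError(ValueError):
    """Raised when a filter expression falls outside the allow-list."""


def validate_query(expr, allowed_columns):
    """Return expr unchanged if it only compares known columns to literals."""
    if not isinstance(expr, str) or len(expr) > MAX_LEN:
        raise UnsafeQueryError("expression missing or too long")
    try:
        tree = ast.parse(expr, mode="eval")
    except (SyntaxError, ValueError) as exc:
        # Also rejects pandas-only syntax such as @variables and `backticks`.
        raise UnsafeQueryError("not a plain comparison expression") from exc
    for node in ast.walk(tree):
        if not isinstance(node, _ALLOWED_NODES):
            raise UnsafeQueryError(f"disallowed syntax: {type(node).__name__}")
        if isinstance(node, ast.Name) and node.id not in allowed_columns:
            raise UnsafeQueryError(f"unknown column: {node.id}")
        if isinstance(node, ast.Constant) and not isinstance(
                node.value, _ALLOWED_LITERALS):
            raise UnsafeQueryError("unsupported literal")
    return expr


def is_safe(expr, allowed_columns):
    """Boolean form of validate_query for callers that prefer no exception."""
    try:
        validate_query(expr, allowed_columns)
        return True
    except UnsafeQueryError:
        return False

# Intended call site (assumes an existing DataFrame named df):
#   rows = df.query(validate_query(user_expr, set(df.columns)))
```

Where the filter can be collected as structured fields (column, operator, value) rather than free text, building a boolean mask from those fields avoids `.query()` on user input altogether.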