Plotly security issues with kaleido

iyermuku · November 24, 2023, 3:02pm

Hi,
I am using kaleido 0.2.1 to export images from plotly. However, I have a bunch of security issues in using kaleido. Most imortant of them are

Object|CVE|CVSS3|Component|Version|Latest version|
| — | — | — | — | — | — | — | — |
kaleido|CVE-2022-37434|9.8|zlib|1.2.11|1.3|
kaleido.exe|CVE-2022-37434|9.8|zlib|1.2.11|1.3|
libexpat.so.1|CVE-2022-25315|9.8|expat|2.1.0-7ubuntu0.16.04.5|2.5.0|
kaleido|CVE-2017-15399|8.8|v8|5.228.169.9|10.5.91|

I observed that kaleido was last developed in April 2021. My questions:

Are there plans to upgrade security features on kaleido?
If not, is there an equivalent option to export images using plotly?

If not, we will perhaps require to revisit the use of plotly.

Mukund
#security

Topic		Replies	Views
Save Plotly Static Image: kaleido version problems 📊 Plotly Python	1	107	February 10, 2025
:mega: Announcing Plotly.py 4.9 - Kaleido for static image export, Hexbin Tile Maps, and Timelines 📊 Plotly Python announcements	3	9249	July 20, 2020
Regarding problem on 'plotly+Kaleido'. When are you going to fix? 📊 Plotly Python bug-reporter	1	365	January 31, 2025
Plotly Static Image Export in Production Environment Dash Python	1	890	December 2, 2021
Kaleido replacement? 📊 Plotly Python question	2	1038	November 21, 2024

Plotly security issues with kaleido

Related topics