CVE-2024-41118 | opengeos streamlit-geospatial 7_ get_layers url server-side request forgery (GHSL-2024-100)

Inserito da Angelo Barbosa | Lug 27, 2024 | CVE

A vulnerability was found in opengeos streamlit-geospatial. It has been classified as critical. Affected is the function get_layers of the file pages/7_????_Web_Map_Service.py. The manipulation of the argument url leads to server-side request forgery.

This vulnerability is traded as CVE-2024-41118. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-41118 | opengeos streamlit-geospatial 7_ get_layers url server-side request forgery (GHSL-2024-100)

Post correlati

CVE-2024-1263 | Juanpao JPShop up to 1.5.02 API PosterController.php actionUpdate pic_url unrestricted upload

CVE-2023-27168 | Xpand IT Write-Back Manager 2.3.1 JSP File unrestricted upload

CVE-2023-51485 | WP Hosting Pay with Vipps and MobilePay for WooCommerce Plugin cross site scripting

CVE-2024-1565 | EmbedPress Plugin up to 3.9.10 on WordPress PDF Widget URL cross site scripting