CVE-2024-41120 | opengeos streamlit-geospatial 9_ gpd.read_file url server-side request forgery (GHSL-2024-100)

Inserito da Angelo Barbosa | Lug 27, 2024 | CVE

A vulnerability was found in opengeos streamlit-geospatial. It has been declared as critical. Affected by this vulnerability is the function gpd.read_file of the file pages/9_????_Vector_Data_Visualization.py. The manipulation of the argument url leads to server-side request forgery.

This vulnerability is known as CVE-2024-41120. The attack can be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-41120 | opengeos streamlit-geospatial 9_ gpd.read_file url server-side request forgery (GHSL-2024-100)

Post correlati

CVE-2024-3053 | Forminator Plugin up to 1.29.2 on WordPress Shortcode forminator_form cross site scripting

CVE-2024-7000 | Google Chrome up to 126.0.6478.182 CSS use after free

CVE-2024-34020 | hcode up to 2.1 mail.c putSDN stack-based overflow

CVE-2024-40407 | Cybele Software Thinfinity Workspace prior 7.0.2.113 information disclosure