CVE-2024-41120 | opengeos streamlit-geospatial 9_ gpd.read_file url server-side request forgery (GHSL-2024-100)

Inserito da Angelo Barbosa | Lug 27, 2024 | CVE

A vulnerability was found in opengeos streamlit-geospatial. It has been declared as critical. Affected by this vulnerability is the function gpd.read_file of the file pages/9_????_Vector_Data_Visualization.py. The manipulation of the argument url leads to server-side request forgery.

This vulnerability is known as CVE-2024-41120. The attack can be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-41120 | opengeos streamlit-geospatial 9_ gpd.read_file url server-side request forgery (GHSL-2024-100)

Post correlati

CVE-2023-36878 | Microsoft Edge prior 120.0.2210.77 unknown vulnerability

CVE-2024-6357 | OpenText ArcSight Intelligence up to 6.4.12 authorization

CVE-2024-5767 | WP-FeedStats sitetweet Plugin up to 0.2 on WordPress cross site scripting

CVE-2024-43853 | Linux Kernel up to 6.1.102/6.6.43/6.10.2 cpuset proc_cpuset_show use after free