CVE-2024-41118 | opengeos streamlit-geospatial 7_ get_layers url server-side request forgery (GHSL-2024-100)

Posted by Angelo Barbosa | Jul 27, 2024 | CVE

A vulnerability was found in opengeos streamlit-geospatial. It has been classified as critical. Affected is the function get_layers of the file pages/7_????_Web_Map_Service.py. The manipulation of the argument url leads to server-side request forgery.

This vulnerability is traded as CVE-2024-41118. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-41118 | opengeos streamlit-geospatial 7_ get_layers url server-side request forgery (GHSL-2024-100)

Related Posts

CVE-2024-33308 | TVS Motor Company Limited TVS Connet Emergency Contact Privilege Escalation

CVE-2023-51478 | Abdul Hakeem Build App Online Plugin up to 1.0.19 on WordPress improper authentication

CVE-2024-40535 | Shenzhen Libituo Technology LBT-T300-T400 3.2 config_3g_para apn_name_3g stack-based overflow

CVE-2024-38519 | yt-dlp 2023.09.24.003044/2023.7.06/2023.11.14 Working Directory unrestricted upload (GHSA-79w7-vh3h-8g4j)