CVE-2024-41114 Remote code execution in streamlit geospatial in pages/1_📷_Timelapse.py MODIS Gap filled Land Surface Temperature Daily option

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the palette variable on line 430 in pages/1📷Timelapse.py takes user input, which is later used in the eval function on line 435, leading to remote code executio...

CVE-2024-41114 Remote code execution in streamlit geospatial in pages/1_📷_Timelapse.py MODIS Gap filled Land Surface Temperature Daily option

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the palette variable on line 430 in pages/1📷Timelapse.py takes user input, which is later used in the eval function on line 435, leading to remote code executio...

CVE-2024-41114

The CVE-2024-41114 issue affects streamlit-geospatial, specifically in pages/1_📷_Timelapse.py where the palette input is used in eval(), enabling remote code execution prior to the fix in commit c4f81d9616d40c60584e36abb15300853a66e489. The vulnerability occurs in versions prior to that commit. T...

CVE-2024-41113 Remote code execution in streamlit geospatial in pages/1_📷_Timelapse.py Any Earth Engine ImageCollection option vis_params

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the visparams variable on line 383 or line 390 in pages/1📷Timelapse.py takes user input, which is later used in the eval function on line 395, leading to remote...

CVE-2024-41113 Remote code execution in streamlit geospatial in pages/1_📷_Timelapse.py Any Earth Engine ImageCollection option vis_params

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the visparams variable on line 383 or line 390 in pages/1📷Timelapse.py takes user input, which is later used in the eval function on line 395, leading to remote...

CVE-2024-41113 Remote code execution in streamlit geospatial in pages/1_📷_Timelapse.py Any Earth Engine ImageCollection option vis_params

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the visparams variable on line 383 or line 390 in pages/1📷Timelapse.py takes user input, which is later used in the eval function on line 395, leading to remote...

CVE-2024-41113

CVE-2024-41113 affects streamlit-geospatial: a flaw in pages/1_📷_Timelapse.py where the vis_params user input is fed to eval(), enabling remote code execution. Root cause: unsanitized user input used in eval on lines 383–395. Impact: remote code execution with high confidentiality, integrity, and...

CVE-2024-41112 Remote code execution in streamlit geospatial in pages/1_📷_Timelapse.py Any Earth Engine ImageCollection option palette

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the palette variable in pages/1📷Timelapse.py takes user input, which is later used in the eval function on line 380, leading to remote code execution. Commit...

CVE-2024-41112 Remote code execution in streamlit geospatial in pages/1_📷_Timelapse.py Any Earth Engine ImageCollection option palette

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the palette variable in pages/1📷Timelapse.py takes user input, which is later used in the eval function on line 380, leading to remote code execution. Commit...

CVE-2024-41112

CVE-2024-41112 affects streamlit-geospatial. The palette variable in pages/1_📷_Timelapse.py accepts user input and is used in eval() at line 380, enabling remote code execution prior to commit c4f81d9616d40c60584e36abb15300853a66e489. The commit fixes this issue. NVD lists CVSS v3.1 base score 9....

streamlit-geospatial 安全漏洞

streamlit-geospatial is an Open Geospatial Solutions open source streamlit multi-page application for geospatial applications. A security vulnerability exists in streamlit-geospatial, which originates in pages/1? The palette variable in Timelapse.py accepts user input that is then used in the eva...

streamlit-geospatial 安全漏洞

streamlit-geospatial is an Open Geospatial Solutions open source streamlit multi-page application for geospatial applications. A security vulnerability exists in streamlit-geospatial, which originates in pages/1? The palette variable in Timelapse.py accepts user input that is then used in the eva...

streamlit-geospatial 安全漏洞

streamlit-geospatial is an Open Geospatial Solutions open source streamlit multi-page application for geospatial applications. A security vulnerability exists in streamlit-geospatial, which originates in pages/1? The visparams variable in Timelapse.py accepts user input that is then used in the...

streamlit-geospatial 安全漏洞

streamlit-geospatial is an Open Geospatial Solutions open source streamlit multi-page application for geospatial applications. A security vulnerability exists in streamlit-geospatial, which originates in pages/1? The palette variable in Timelapse.py accepts user input that is then used in the eva...

streamlit-geospatial 安全漏洞

streamlit-geospatial is an Open Geospatial Solutions open source streamlit multi-page application for geospatial applications. A security vulnerability exists in streamlit-geospatial, which originates in pages/1? The visparams variable in Timelapse.py accepts user input that is then used in the...

streamlit-geospatial 安全漏洞

streamlit-geospatial is an Open Geospatial Solutions open source streamlit multi-page application for geospatial applications. A security vulnerability exists in streamlit-geospatial, which stems from pages/10? The visparams variable in EarthEngineDatasets.py accepts user input that is then used ...

streamlit-geospatial 代码问题漏洞

streamlit-geospatial is an Open Geospatial Solutions open source streamlit multi-page application for geospatial applications. A code issue vulnerability exists in streamlit-geospatial that stems from pages/7? The url variable in WebMapService.py accepts user input that is passed to the getlayers...

streamlit-geospatial 代码问题漏洞

streamlit-geospatial is an Open Geospatial Solutions open source streamlit multi-page application for geospatial applications. A code issue vulnerability exists in streamlit-geospatial that stems from pages/9? The url variable in VectorDataVisualization.py accepts user input, which is then passed...

streamlit-geospatial 安全漏洞

streamlit-geospatial is a streamlit multi-page application for geospatial applications open-sourced by Open Geospatial Solutions. A security vulnerability exists in streamlit-geospatial that stems from 8????? The visparams variable in RasterDataVisualization.py accepts user input that is then use...