PT-2024-29273 · Unknown · Streamlit-Geospatial

Name of the Vulnerable Software and Affected Versions: streamlit-geospatial versions prior to commit c4f81d9616d40c60584e36abb15300853a66e489 Description: The issue concerns the use of user input in the vis params variable, which is later executed by the eval function, leading to remote code...

streamlit-geospatial 安全漏洞

streamlit-geospatial is an Open Geospatial Solutions open source streamlit multi-page application for geospatial applications. A security vulnerability exists in streamlit-geospatial, which stems from pages/10? The visparams variable in EarthEngineDatasets.py accepts user input that is then used ...