geotils (=0.3.0.post2), ipp-toolkit (=0.1.2) +1 more potentially affected by CVE-2024-49048 via torchgeo (>=0.4.1 <=0.5.2)

torchgeo PYPI version =0.4.1, =0.1.0, =0.1.1 Source cves: CVE-2024-49048 Source advisory: OSV:GHSA-GHQ9-VC6F-8QJF...

GHSA-GHQ9-VC6F-8QJF TorchGeo Remote Code Execution Vulnerability

Impact TorchGeo 0.4–0.6.0 used an eval statement in its model weight API that could allow an unauthenticated, remote attacker to execute arbitrary commands. All platforms that expose torchgeo.models.getweight or torchgeo.trainers as an external API could be affected. Patches The eval statement wa...

geotils (=0.3.0.post2), ipp-toolkit (=0.1.2) +1 more potentially affected by CVE-2024-49048 via torchgeo (>=0.4.1 <=0.5.2)

torchgeo PYPI version =0.4.1, =0.1.0, =0.1.1 Source cves: CVE-2024-49048 Source advisory: SNYK:PYTHON-TORCHGEO-8370211...

Duplicate Advisory: TorchGeo Remote Code Execution Vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-ghq9-vc6f-8qjf. This link is maintained to preserve external references. Original Description TorchGeo Remote Code Execution Vulnerability...

GHSA-G5VP-J278-8PJH Duplicate Advisory: TorchGeo Remote Code Execution Vulnerability

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-ghq9-vc6f-8qjf. This link is maintained to preserve external references. Original Description TorchGeo Remote Code Execution Vulnerability...

PYSEC-2024-204

TorchGeo Remote Code Execution Vulnerability...

CVE-2024-49048

TorchGeo Remote Code Execution Vulnerability...