Streamlit-Geospatial Security Vulnerabilities - January
streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the palette variable in pages/1_?_Timelapse.py takes user input, which is later used in the eval() function on line 380, leading to remote code execution. Commit ...
9.8CVSS
9.8AI Score
0.001EPSS
streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the vis_params variable on line 383 or line 390 in pages/1_?_Timelapse.py takes user input, which is later used in the eval() function on line 395, leading to rem...
9.8CVSS
9.8AI Score
0.001EPSS
streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the palette variable on line 430 in pages/1_?_Timelapse.py takes user input, which is later used in the eval() function on line 435, leading to remote code execut...
9.8CVSS
9.8AI Score
0.001EPSS
streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the palette variable on line 488 in pages/1_?_Timelapse.py takes user input, which is later used in the eval() function on line 493, leading to remote code execut...
9.8CVSS
9.8AI Score
0.001EPSS
streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the vis_params variable on line 1254 in pages/1_?_Timelapse.py takes user input, which is later used in the eval() function on line 1345, leading to remote code e...
9.8CVSS
9.8AI Score
0.001EPSS
streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the vis_params variable on line 115 in pages/10_?_Earth_Engine_Datasets.py takes user input, which is later used in the eval() function on line 126, leading to re...
9.8CVSS
9.8AI Score
0.001EPSS
streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the url variable on line 47 of pages/7_?_Web_Map_Service.py takes user input, which is passed to get_layers function, in which url is used with get_wms_layer meth...
9.8CVSS
7.7AI Score
0.001EPSS
streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the vis_params variable on line 80 in 8_??_Raster_Data_Visualization.py takes user input, which is later used in the eval() function on line 86, leading to remote...
9.8CVSS
9.8AI Score
0.001EPSS
streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the url variable on line 63 of pages/9_?_Vector_Data_Visualization.py takes user input, which is later passed to the gpd.read_file method. gpd.read_file method cr...
9.8CVSS
9.6AI Score
0.001EPSS