Streamlit-geospatial Security Vulnerabilities and Issues — Streamlit-geospatial CVE List

Lucene search

OpengeosStreamlit-geospatial

9 matches found

CVE•added 2024/07/26 8:15 p.m.•45 views

CVE-2024-41112

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the palette variable in pages/1_📷_Timelapse.py takes user input, which is later used in the eval() function on line 380, leading to remote code execution. Commit...

9.8CVSS9.8AI score0.009EPSS

CVE•added 2024/07/26 9:15 p.m.•45 views

CVE-2024-41118

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the url variable on line 47 of pages/7_📦_Web_Map_Service.py takes user input, which is passed to get_layers function, in which url is used with get_wms_layer met...

9.8CVSS8.1AI score0.00299EPSS

CVE•added 2024/07/26 9:15 p.m.•41 views

CVE-2024-41117

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the vis_params variable on line 115 in pages/10_🌍_Earth_Engine_Datasets.py takes user input, which is later used in the eval() function on line 126, leading to r...

9.8CVSS9.8AI score0.02828EPSS

CVE•added 2024/07/26 8:15 p.m.•40 views

CVE-2024-41113

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the vis_params variable on line 383 or line 390 in pages/1_📷_Timelapse.py takes user input, which is later used in the eval() function on line 395, leading to re...

9.8CVSS9.8AI score0.00858EPSS

CVE•added 2024/07/26 9:15 p.m.•40 views

CVE-2024-41116

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the vis_params variable on line 1254 in pages/1_📷_Timelapse.py takes user input, which is later used in the eval() function on line 1345, leading to remote code ...

9.8CVSS9.8AI score0.02828EPSS

CVE•added 2024/07/26 9:15 p.m.•39 views

CVE-2024-41120

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the url variable on line 63 of pages/9_🔲_Vector_Data_Visualization.py takes user input, which is later passed to the gpd.read_file method. gpd.read_file method c...

9.8CVSS9.6AI score0.00124EPSS

CVE•added 2024/07/26 9:15 p.m.•36 views

CVE-2024-41114

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the palette variable on line 430 in pages/1_📷_Timelapse.py takes user input, which is later used in the eval() function on line 435, leading to remote code execu...

9.8CVSS9.8AI score0.009EPSS

CVE•added 2024/07/26 9:15 p.m.•36 views

CVE-2024-41115

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the palette variable on line 488 in pages/1_📷_Timelapse.py takes user input, which is later used in the eval() function on line 493, leading to remote code execu...

9.8CVSS9.8AI score0.00664EPSS

CVE•added 2024/07/26 9:15 p.m.•35 views

CVE-2024-41119

streamlit-geospatial is a streamlit multipage app for geospatial applications. Prior to commit c4f81d9616d40c60584e36abb15300853a66e489, the vis_params variable on line 80 in 8_🏜️_Raster_Data_Visualization.py takes user input, which is later used in the eval() function on line 86, leading to remot...

9.8CVSS9.8AI score0.009EPSS