CVE-2024-41120 | opengeos streamlit-geospatial 9_ gpd.read_file url server-side request forgery (GHSL-2024-100)

CVE-2024-41120 | opengeos streamlit-geospatial 9_ gpd.read_file url server-side request forgery (GHSL-2024-100)

A vulnerability was found in opengeos streamlit-geospatial. It has been declared as critical. Affected by this vulnerability is the function gpd.read_file of the file pages/9_????_Vector_Data_Visualization.py. The manipulation of the argument url leads to server-side request forgery. This vulnerability is known as CVE-2024-41120. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.