TorchGeo Remote Code Execution Vulnerability
### Impact

TorchGeo 0.4 through 0.6.0 used an [`eval`](https://docs.python.org/3/library/functions.html#eval) call in its model weight API to turn a caller-supplied weight name into an enum value. Because `eval` executes arbitrary Python expressions, any input that reaches this code path can run attacker-chosen Python code, which could allow an unauthenticated, remote attacker to execute arbitrary commands on the host. All platforms that expose [`torchgeo.models.get_weight()`](https://torchgeo.readthedocs.io/en/v0.6.0/api/models.html#torchgeo.models.get_weight) or [`torchgeo.trainers`](https://torchgeo.readthedocs.io/en/v0.6.0/api/trainers.html) as an external API (for example, a service that accepts a weight name from a request or a configuration file) could be affected.

### Patches

The `eval` call was replaced with a fixed enum lookup, so the input can only select one of the known weight enums and members and can no longer be interpreted as code. All users are encouraged to upgrade to TorchGeo 0.6.1 or newer.

### Workarounds

In unpatched versions, validate and sanitize the weight name before it reaches the API: accept only strings that match a known `WeightEnum.MEMBER` name from an allowlist, and reject anything containing parentheses, quotes, or other characters that have no place in an enum reference.

### References

#### Bug history

* Introduced: https://github.com/torchgeo/torchgeo/pull/917
* Patched: https://github.com/torchgeo/torchgeo/pull/2323
* Released: [v0.6.1](https://github.com/microsoft/torchgeo/releases/tag/v0.6.1)
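The following added example (not TorchGeo's code) shows the vulnerable pattern next to the fixed one. The enum `ResNet50_Weights`, its members, the `_WEIGHT_ENUMS` registry and the function names are constructed for illustration and are not the project's actual API. `get_weight_unsafe` resolves the name with `eval`, so a constructed payload such as `__import__('os').getpid()` runs as Python instead of selecting a weight; `get_weight_safe` parses the `Enum.MEMBER` form and resolves it only through a fixed registry, which is the same idea as both the upstream patch and the workaround above.

```python
"""Vulnerable eval-based weight lookup beside a fixed enum lookup.

Added example, not TorchGeo's code. The enum, registry and helper names
below are constructed for illustration.
"""
import enum
import os


class ResNet50_Weights(enum.Enum):
    # Hypothetical weight enum, modelled on the shape of a weights API.
    SENTINEL2_ALL_MOCO = "sentinel2_all_moco"
    SENTINEL2_RGB_MOCO = "sentinel2_rgb_moco"


# Fixed registry of the weight enums the API is allowed to hand out.
_WEIGHT_ENUMS = {"ResNet50_Weights": ResNet50_Weights}


def get_weight_unsafe(name: str) -> enum.Enum:
    """VULNERABLE pattern: the caller-supplied string is evaluated as Python.

    A legitimate value like "ResNet50_Weights.SENTINEL2_ALL_MOCO" resolves to
    the enum member, but so does any other expression the caller sends.
    """
    return eval(name)  # noqa: S307  (deliberately unsafe, for illustration)


def get_weight_safe(name: str) -> enum.Enum:
    """Fixed pattern: parse 'Enum.MEMBER' and resolve it through a fixed table.

    No code is executed; the enum name must be a registry key and the member
    name must be a defined member of that enum, otherwise ValueError is raised.
    """
    enum_name, sep, member = name.partition(".")
    if not sep or not enum_name or not member:
        raise ValueError(f"weight name must have the form Enum.MEMBER: {name!r}")
    try:
        weight_enum = _WEIGHT_ENUMS[enum_name]
    except KeyError:
        raise ValueError(f"unknown weight enum: {enum_name!r}") from None
    try:
        return weight_enum[member]  # Enum.__getitem__ looks up by member name
    except KeyError:
        raise ValueError(f"unknown member {member!r} of {enum_name}") from None


# Constructed payload: a harmless expression that proves code ran
# (a real attacker would call os.system or similar instead of os.getpid).
INJECTION_PAYLOAD = "__import__('os').getpid()"


def demo_injection() -> bool:
    """True if the unsafe lookup executed the payload instead of selecting a weight."""
    return get_weight_unsafe(INJECTION_PAYLOAD) == os.getpid()


def safe_lookup_rejects(name: str) -> bool:
    """True if the fixed lookup refuses the given name with ValueError."""
    try:
        get_weight_safe(name)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print("unsafe lookup ran the payload:", demo_injection())
    print("safe lookup rejects the payload:", safe_lookup_rejects(INJECTION_PAYLOAD))
    print("safe lookup resolves:", get_weight_safe("ResNet50_Weights.SENTINEL2_ALL_MOCO"))
```

The hardened function deliberately does not use `getattr` on arbitrary objects or `eval` with a restricted namespace: both can be escaped through dunder attributes, whereas a dictionary of known enums and `Enum[member_name]` have nothing to escape from. An allowlist of this form is also the practical workaround for deployments that cannot upgrade immediately.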
| CVSS version | Type | Source | Base score | Exploitability subscore | Impact subscore | Vector |
|---|---|---|---|---|---|---|
| 3.1 | Primary | cve.org | 8.1 | — | — | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C |
| 3.1 | Secondary | NVD | 8.1 | 2.2 | 5.9 | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| 3.1 | Secondary | GHSA | 8.1 | — | — | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |