SQL injection vulnerability in geopandas before v.1.1.2 allows an attacker to obtain sensitive information via the to_postgis()` function being used to write GeoDataFrames to a PostgreSQL database.
0.10.0-10.10.1-10.10.2-10.11.0-10.11.1-10.12.0-10.12.1-10.12.1-20.12.2-10.13.0-1~exp1+20 more0.12.2-10.13.0-1~exp10.13.2-10.13.2-1~exp10.13.2-20.13.2-30.14.0-10.14.1-10.14.2-10.14.3-1+9 more1.0.1-21.1.0-1~exp11.1.1-11.1.1-1~exp11.1.1-21.1.2-11.1.2-1Exploitability
AV:NAC:LPR:NUI:NScope
S:CImpact
C:HI:NA:NCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N