streamlit@0.69.0 vulnerabilities
A faster way to build and share data apps
-
latest version
1.40.1
-
latest non vulnerable version
-
first published
7 years ago
-
latest version published
14 days ago
-
licenses detected
- [0.45.0,)
Direct Vulnerabilities
Known vulnerabilities in the streamlit package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
streamlit is a The fastest way to build data apps in Python Affected versions of this package are vulnerable to Path Traversal via the static file sharing feature. An attacker can leak the password hash of the Windows user running Note: The vulnerability only affects Windows. How to fix Path Traversal? Upgrade |
[,1.37.0)
|
streamlit is a The fastest way to build data apps in Python Affected versions of this package are vulnerable to Directory Traversal due to insufficient validation of user-supplied input in custom components. An attacker can access sensitive files on the server by manipulating input to traverse directories. This is a case left over from the fix for CVE-2022-35918 in version 1.11.1. How to fix Directory Traversal? Upgrade |
[0.63.0,1.30.0)
|
streamlit is a The fastest way to build data apps in Python Affected versions of this package are vulnerable to Improper Output Neutralization for Logs when the function How to fix Improper Output Neutralization for Logs? Upgrade |
[,1.27.0)
|
streamlit is a The fastest way to build data apps in Python Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper user-input sanitization, via the How to fix Cross-site Scripting (XSS)? Upgrade |
[0.63.0,0.81.0)
|
streamlit is a The fastest way to build data apps in Python Affected versions of this package are vulnerable to Directory Traversal in the How to fix Directory Traversal? Upgrade |
[0.63.0,1.11.1)
|