streamlit@0.8 vulnerabilities

A faster way to build and share data apps

Direct Vulnerabilities

Known vulnerabilities in the streamlit package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Path Traversal

streamlit is a The fastest way to build data apps in Python

Affected versions of this package are vulnerable to Path Traversal via the static file sharing feature. An attacker can leak the password hash of the Windows user running Streamlit.

Note: The vulnerability only affects Windows.

How to fix Path Traversal?

Upgrade streamlit to version 1.37.0 or higher.

[,1.37.0)
  • M
Improper Output Neutralization for Logs

streamlit is a The fastest way to build data apps in Python

Affected versions of this package are vulnerable to Improper Output Neutralization for Logs when the function upload_file_request_handler.py returns 400 error including the session_id value.

How to fix Improper Output Neutralization for Logs?

Upgrade streamlit to version 1.27.0 or higher.

[,1.27.0)