1.50.0
7 years ago
28 days ago
Known vulnerabilities in the streamlit package. This does not include vulnerabilities belonging to this package’s dependencies.
Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.
Fix for free| Vulnerability | Vulnerable Version | 
|---|---|
| 
 streamlit is a The fastest way to build data apps in Python Affected versions of this package are vulnerable to Arbitrary File Upload in the  How to fix Arbitrary File Upload? Upgrade  | [,1.43.2) | 
| 
 streamlit is a The fastest way to build data apps in Python Affected versions of this package are vulnerable to Path Traversal via the static file sharing feature. An attacker can leak the password hash of the Windows user running  Note: The vulnerability only affects Windows. How to fix Path Traversal? Upgrade  | [,1.37.0) | 
| 
 streamlit is a The fastest way to build data apps in Python Affected versions of this package are vulnerable to Directory Traversal due to insufficient validation of user-supplied input in custom components. An attacker can access sensitive files on the server by manipulating input to traverse directories. This is a case left over from the fix for CVE-2022-35918 in version 1.11.1. How to fix Directory Traversal? Upgrade  | [0.63.0,1.30.0) | 
| 
 streamlit is a The fastest way to build data apps in Python Affected versions of this package are vulnerable to Improper Output Neutralization for Logs when the function  How to fix Improper Output Neutralization for Logs? Upgrade  | [,1.27.0) | 
| 
 streamlit is a The fastest way to build data apps in Python Affected versions of this package are vulnerable to Directory Traversal in the  How to fix Directory Traversal? Upgrade  | [0.63.0,1.11.1) |