Snowflake Streamlit

5 matches found

CVE
added 2022/08/01 9:25 p.m., 110 views

CVE-2022-35918

CVE-2022-35918 affects Streamlit’s Python apps using custom components, enabling a directory traversal that could leak server-file data (e.g., logs, world-readable files). The issue arises from how the streamlit server processes crafted URLs containing file paths. Public analyses consistently not...

CVSS 6.5, AI score 6.2, EPSS 0.01323
CVE
added 2023/03/16 8:29 p.m., 78 views

CVE-2023-27494

CVE-2023-27494 describes a reflected XSS in Streamlit open-source library for hosted apps, affecting versions 0.63.0–0.80.0. The vulnerability allowed an attacker to craft a malicious URL containing JavaScript payloads, which the server could render unescaped, enabling XSS. The issue was addresse...

CVSS 6.1, AI score 5.7, EPSS 0.00407
CVE
added 2024/08/12 5:1 p.m., 72 views

CVE-2024-42474

CVE-2024-42474 affects Streamlit Open Source on Windows via the static file sharing feature, enabling path traversal that could leak the Windows user’s password hash. The issue was identified in Streamlit and patched in version 1.37.0 (released around July 25, 2024). Evidence in connected sources...

CVSS 6.5, AI score 5.8, EPSS 0.00568
CVE
added 2026/06/04 12:0 p.m., 24 views

CVE-2026-10804

CVE-2026-10804 affects Streamlit up to 1.53.0, targeting an unknown function in the Palette Handler’s hashing.py (lib/streamlit/runtime/caching/hashing.py). The issue allows use of a weak hash due to the described manipulation, with local access required and a high attack complexity. The exploita...

CVSS 4.7, AI score 5, EPSS 0.00083
CVE
added 2026/03/26 9:45 p.m., 12 views

CVE-2026-33682

CVE-2026-33682 (Streamlit) affects Windows deployments of Streamlit Open Source up to version 1.53.x. The issue is an SSRF vulnerability caused by insufficient validation of attacker-controlled filesystem paths in component request handling (notably ComponentRequestHandler). On Windows, supplying...

CVSS 4.8, AI score 5.9, EPSS 0.00282