2 matches found
CVE-2024-42474
CVE-2024-42474 affects Streamlit Open Source on Windows via the static file sharing feature, enabling path traversal that could leak the Windows user’s password hash. The issue was identified in Streamlit and patched in version 1.37.0 (released around July 25, 2024). Evidence in connected sources...
CVE-2026-33682
CVE-2026-33682 (Streamlit) affects Windows deployments of Streamlit Open Source up to version 1.53.x. The issue is an SSRF vulnerability caused by insufficient validation of attacker-controlled filesystem paths in component request handling (notably ComponentRequestHandler). On Windows, supplying...