streamlit

PyPI3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting streamlitpage 1 of 1

CVE-2022-35918MEDIUMCVSS 6.5EG 6.5✓ Fixed in 1.11.1
2022-08-01
vulnerable: 0.63.0 ... 1.9.2rc1 (69 versions)
Streamlit is a data oriented application development framework for python. Users hosting Streamlit app(s) that use custom components are vulnerable to a directory traversal attack that could leak data from their web server file-system such…
CVE-2023-27494MEDIUMCVSS 5.9EG 5.9✓ Fixed in 0.81.0
2023-03-16
vulnerable: 0.63.0 ... 0.80.0 (27 versions)
Streamlit, software for turning data scripts into web applications, had a cross-site scripting (XSS) vulnerability in versions 0.63.0 through 0.80.0. Users of hosted Streamlit app(s) were vulnerable to a reflected XSS vulnerability. An att…
CVE-2024-42474MEDIUMCVSS 6.5EG 6.5✓ Fixed in 1.37.0
2024-08-12
vulnerable: 0.1 ... 1.9.2rc1 (224 versions)
Streamlit is a data oriented application development framework for python. Snowflake Streamlit open source addressed a security vulnerability via the static file sharing feature. Users of hosted Streamlit app(s) on Windows were vulnerable …

Check whether streamlit is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for streamlit CVEs against the assets you own.

Start Free Scan →