OpenCVE

Streamlit is a data oriented application development framework for python. Users hosting Streamlit app(s) that use custom components are vulnerable to a directory traversal attack that could leak data from their web server file-system such as: server logs, world readable files, and potentially other sensitive information. An attacker can craft a malicious URL with file paths and the streamlit server would process that URL and return the contents of that file. This issue has been resolved in version 1.11.1. Users are advised to upgrade. There are no known workarounds for this issue.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Snowflake	Streamlit

Configuration 1 [-]

cpe:2.3:a:snowflake:streamlit:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/streamlit/streamlit/commit/80d9979d5f4a00217743d607078a1d867fad8acf
https://github.com/streamlit/streamlit/security/advisories/GHSA-v4hr-4jpx-56gc

History

Tue, 13 Aug 2024 13:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Snowflake Snowflake streamlit
CPEs	cpe:2.3:a:streamlit:streamlit::::::::	cpe:2.3:a:snowflake:streamlit::::::::
Vendors & Products	Streamlit Streamlit streamlit	Snowflake Snowflake streamlit

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-08-01T21:25:10

Updated: 2024-08-03T09:51:58.575Z

Reserved: 2022-07-15T00:00:00

Link: CVE-2022-35918

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-08-01T22:15:10.223

Modified: 2024-11-21T07:11:57.603

Link: CVE-2022-35918

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "streamlit", "vendor": "streamlit", "versions": [{"status": "affected", "version": ">= 0.63.0, < 1.11.1"}]}], "descriptions": [{"lang": "en", "value": "Streamlit is a data oriented application development framework for python. Users hosting Streamlit app(s) that use custom components are vulnerable to a directory traversal attack that could leak data from their web server file-system such as: server logs, world readable files, and potentially other sensitive information. An attacker can craft a malicious URL with file paths and the streamlit server would process that URL and return the contents of that file. This issue has been resolved in version 1.11.1. Users are advised to upgrade. There are no known workarounds for this issue."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-22", "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-08-12T14:20:09", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/streamlit/streamlit/security/advisories/GHSA-v4hr-4jpx-56gc"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/streamlit/streamlit/commit/80d9979d5f4a00217743d607078a1d867fad8acf"}], "source": {"advisory": "GHSA-v4hr-4jpx-56gc", "discovery": "UNKNOWN"}, "title": "Streamlit directory traversal vulnerability", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-35918", "STATE": "PUBLIC", "TITLE": "Streamlit directory traversal vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "streamlit", "version": {"version_data": [{"platform": "", "version_affected": "", "version_name": "", "version_value": ">= 0.63.0, < 1.11.1"}]}}]}, "vendor_name": "streamlit"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Streamlit is a data oriented application development framework for python. Users hosting Streamlit app(s) that use custom components are vulnerable to a directory traversal attack that could leak data from their web server file-system such as: server logs, world readable files, and potentially other sensitive information. An attacker can craft a malicious URL with file paths and the streamlit server would process that URL and return the contents of that file. This issue has been resolved in version 1.11.1. Users are advised to upgrade. There are no known workarounds for this issue."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}]}, "references": {"reference_data": [{"name": "https://github.com/streamlit/streamlit/security/advisories/GHSA-v4hr-4jpx-56gc", "refsource": "CONFIRM", "url": "https://github.com/streamlit/streamlit/security/advisories/GHSA-v4hr-4jpx-56gc"}, {"name": "https://github.com/streamlit/streamlit/commit/80d9979d5f4a00217743d607078a1d867fad8acf", "refsource": "MISC", "url": "https://github.com/streamlit/streamlit/commit/80d9979d5f4a00217743d607078a1d867fad8acf"}]}, "source": {"advisory": "GHSA-v4hr-4jpx-56gc", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T09:51:58.575Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/streamlit/streamlit/security/advisories/GHSA-v4hr-4jpx-56gc"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/streamlit/streamlit/commit/80d9979d5f4a00217743d607078a1d867fad8acf"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-35918", "datePublished": "2022-08-01T21:25:10", "dateReserved": "2022-07-15T00:00:00", "dateUpdated": "2024-08-03T09:51:58.575Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:snowflake:streamlit:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D9D5D7A-3CEB-4445-B01C-7EDDB485E1B3", "versionEndExcluding": "1.11.1", "versionStartIncluding": "0.63.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Streamlit is a data oriented application development framework for python. Users hosting Streamlit app(s) that use custom components are vulnerable to a directory traversal attack that could leak data from their web server file-system such as: server logs, world readable files, and potentially other sensitive information. An attacker can craft a malicious URL with file paths and the streamlit server would process that URL and return the contents of that file. This issue has been resolved in version 1.11.1. Users are advised to upgrade. There are no known workarounds for this issue."}, {"lang": "es", "value": "Streamlit es un marco de desarrollo de aplicaciones orientado a datos para python. Los usuarios que alojan aplicaciones Streamlit que usan componentes personalizados son vulnerables a un ataque de salto de directorio que podr\u00eda filtrar datos de su sistema de archivos del servidor web, como por ejemplo: registros del servidor, archivos legibles a nivel mundial y, potencialmente, otra informaci\u00f3n confidencial. Un atacante puede dise\u00f1ar una URL maliciosa con rutas de archivos y el servidor streamlit procesar\u00eda esa URL y devolver\u00eda el contenido de ese archivo o sobrescribir\u00eda los archivos existentes en el servidor web. Este problema ha sido resuelto en versi\u00f3n 1.11.1. Se recomienda a los usuarios que actualicen. No hay soluciones alternativas conocidas para este problema."}], "id": "CVE-2022-35918", "lastModified": "2024-11-21T07:11:57.603", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-01T22:15:10.223", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/streamlit/streamlit/commit/80d9979d5f4a00217743d607078a1d867fad8acf"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/streamlit/streamlit/security/advisories/GHSA-v4hr-4jpx-56gc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/streamlit/streamlit/commit/80d9979d5f4a00217743d607078a1d867fad8acf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/streamlit/streamlit/security/advisories/GHSA-v4hr-4jpx-56gc"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "security-advisories@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}