Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/36160?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36160?format=api", "vulnerability_id": "VCID-e2z5-m4r7-vyhb", "summary": "Streamlit is a data oriented application development framework for python. Users hosting Streamlit app(s) that use custom components are vulnerable to a directory traversal attack that could leak data from their web server file-system such as: server logs, world readable files, and potentially other sensitive information. An attacker can craft a malicious URL with file paths and the streamlit server would process that URL and return the contents of that file or overwrite existing files on the web-server. This issue has been resolved in version 1.11.1. Users are advised to upgrade. There are no known workarounds for this issue.", "aliases": [ { "alias": "CVE-2022-35918" }, { "alias": "GHSA-v4hr-4jpx-56gc" }, { "alias": "PYSEC-2022-248" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/28736?format=api", "purl": "pkg:pypi/streamlit@1.11.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.11.1" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/28667?format=api", "purl": "pkg:pypi/streamlit@0.63.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2m1a-hkg5-ubfe" }, { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.63.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28668?format=api", "purl": "pkg:pypi/streamlit@0.63.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.63.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28669?format=api", "purl": "pkg:pypi/streamlit@0.64.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.64.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28670?format=api", "purl": "pkg:pypi/streamlit@0.65.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.65.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28671?format=api", "purl": "pkg:pypi/streamlit@0.65.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.65.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28672?format=api", "purl": "pkg:pypi/streamlit@0.65.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.65.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/28673?format=api", "purl": "pkg:pypi/streamlit@0.66.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.66.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28674?format=api", "purl": "pkg:pypi/streamlit@0.67.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.67.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28675?format=api", "purl": "pkg:pypi/streamlit@0.67.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.67.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28676?format=api", "purl": "pkg:pypi/streamlit@0.68.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.68.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28677?format=api", "purl": "pkg:pypi/streamlit@0.68.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.68.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28678?format=api", "purl": "pkg:pypi/streamlit@0.69.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.69.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28679?format=api", "purl": "pkg:pypi/streamlit@0.69.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.69.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28680?format=api", "purl": "pkg:pypi/streamlit@0.69.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.69.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/28681?format=api", "purl": "pkg:pypi/streamlit@0.70.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.70.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28682?format=api", "purl": "pkg:pypi/streamlit@0.71.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.71.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28683?format=api", "purl": "pkg:pypi/streamlit@0.72.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.72.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28684?format=api", "purl": "pkg:pypi/streamlit@0.73.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.73.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28685?format=api", "purl": "pkg:pypi/streamlit@0.73.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.73.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28686?format=api", "purl": "pkg:pypi/streamlit@0.74.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.74.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28687?format=api", "purl": "pkg:pypi/streamlit@0.74.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.74.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28688?format=api", "purl": "pkg:pypi/streamlit@0.75.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.75.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28689?format=api", "purl": "pkg:pypi/streamlit@0.76.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.76.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28690?format=api", "purl": "pkg:pypi/streamlit@0.77.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.77.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28691?format=api", "purl": "pkg:pypi/streamlit@0.78.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.78.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28692?format=api", "purl": "pkg:pypi/streamlit@0.79.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.79.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28693?format=api", "purl": "pkg:pypi/streamlit@0.80.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" }, { "vulnerability": "VCID-nfvv-s6z5-cyej" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.80.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28694?format=api", "purl": "pkg:pypi/streamlit@0.81.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.81.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28695?format=api", "purl": "pkg:pypi/streamlit@0.81.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.81.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28696?format=api", "purl": "pkg:pypi/streamlit@0.82.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.82.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28697?format=api", "purl": "pkg:pypi/streamlit@0.83.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.83.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28698?format=api", "purl": "pkg:pypi/streamlit@0.84.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.84.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28699?format=api", "purl": "pkg:pypi/streamlit@0.84.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.84.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28700?format=api", "purl": "pkg:pypi/streamlit@0.84.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.84.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/28701?format=api", "purl": "pkg:pypi/streamlit@0.85.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.85.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28702?format=api", "purl": "pkg:pypi/streamlit@0.85.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.85.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28703?format=api", "purl": "pkg:pypi/streamlit@0.86.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.86.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28704?format=api", "purl": "pkg:pypi/streamlit@0.87.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.87.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28705?format=api", "purl": "pkg:pypi/streamlit@0.88.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.88.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28706?format=api", "purl": "pkg:pypi/streamlit@0.89.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.89.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28707?format=api", "purl": "pkg:pypi/streamlit@1.0.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.0.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28708?format=api", "purl": "pkg:pypi/streamlit@1.1.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.1.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28709?format=api", "purl": "pkg:pypi/streamlit@1.2.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.2.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28710?format=api", "purl": "pkg:pypi/streamlit@1.3.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.3.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28711?format=api", "purl": "pkg:pypi/streamlit@1.3.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.3.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28712?format=api", "purl": "pkg:pypi/streamlit@1.4.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.4.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28713?format=api", "purl": "pkg:pypi/streamlit@1.5.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.5.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28714?format=api", "purl": "pkg:pypi/streamlit@1.5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28715?format=api", "purl": "pkg:pypi/streamlit@1.6.0rc3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.6.0rc3" }, { "url": "http://public2.vulnerablecode.io/api/packages/28716?format=api", "purl": "pkg:pypi/streamlit@1.6.0rc4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.6.0rc4" }, { "url": "http://public2.vulnerablecode.io/api/packages/28717?format=api", "purl": "pkg:pypi/streamlit@1.6.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.6.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28718?format=api", "purl": "pkg:pypi/streamlit@1.7.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.7.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28719?format=api", "purl": "pkg:pypi/streamlit@1.8.0rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.8.0rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28720?format=api", "purl": "pkg:pypi/streamlit@1.8.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.8.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28721?format=api", "purl": "pkg:pypi/streamlit@1.8.1rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.8.1rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28722?format=api", "purl": "pkg:pypi/streamlit@1.8.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.8.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28723?format=api", "purl": "pkg:pypi/streamlit@1.9.0rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.9.0rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28724?format=api", "purl": "pkg:pypi/streamlit@1.9.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.9.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28725?format=api", "purl": "pkg:pypi/streamlit@1.9.1rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.9.1rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28726?format=api", "purl": "pkg:pypi/streamlit@1.9.1rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.9.1rc2" }, { "url": "http://public2.vulnerablecode.io/api/packages/28727?format=api", "purl": "pkg:pypi/streamlit@1.9.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.9.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28728?format=api", "purl": "pkg:pypi/streamlit@1.9.2rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.9.2rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28729?format=api", "purl": "pkg:pypi/streamlit@1.9.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.9.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/28730?format=api", "purl": "pkg:pypi/streamlit@1.10.0rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.10.0rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28731?format=api", "purl": "pkg:pypi/streamlit@1.10.0rc2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.10.0rc2" }, { "url": "http://public2.vulnerablecode.io/api/packages/28732?format=api", "purl": "pkg:pypi/streamlit@1.10.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.10.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28733?format=api", "purl": "pkg:pypi/streamlit@1.11.0rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.11.0rc1" }, { "url": "http://public2.vulnerablecode.io/api/packages/28734?format=api", "purl": "pkg:pypi/streamlit@1.11.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.11.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/28735?format=api", "purl": "pkg:pypi/streamlit@1.11.1rc1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-45nc-3ttz-hqcu" }, { "vulnerability": "VCID-e2z5-m4r7-vyhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.11.1rc1" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35918", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01399", "scoring_system": "epss", "scoring_elements": "0.80755", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35918" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/streamlit/PYSEC-2022-248.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/streamlit/PYSEC-2022-248.yaml" }, { "reference_url": "https://github.com/streamlit/streamlit", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/streamlit/streamlit" }, { "reference_url": "https://github.com/streamlit/streamlit/commit/80d9979d5f4a00217743d607078a1d867fad8acf", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/streamlit/streamlit/commit/80d9979d5f4a00217743d607078a1d867fad8acf" }, { "reference_url": "https://github.com/streamlit/streamlit/security/advisories/GHSA-v4hr-4jpx-56gc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/streamlit/streamlit/security/advisories/GHSA-v4hr-4jpx-56gc" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35918", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-35918" } ], "weaknesses": [ { "cwe_id": 22, "name": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "description": "The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory." } ], "exploits": [], "severity_range_score": "4.0 - 6.9", "exploitability": "0.5", "weighted_severity": "6.2", "risk_score": 3.1, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e2z5-m4r7-vyhb" }