Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/streamlit@0.32.0
Typepypi
Namespace
Namestreamlit
Version0.32.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.37.0
Latest_non_vulnerable_version1.37.0
Affected_by_vulnerabilities
0
url VCID-25th-j3fh-4qab
vulnerability_id VCID-25th-j3fh-4qab
summary Streamlit is a data oriented application development framework for python. Snowflake Streamlit open source addressed a security vulnerability via the static file sharing feature. Users of hosted Streamlit app(s) on Windows were vulnerable to a path traversal vulnerability when the static file sharing feature is enabled. An attacker could utilize the vulnerability to leak the password hash of the Windows user running Streamlit. The vulnerability was patched on Jul 25, 2024, as part of Streamlit open source version 1.37.0. The vulnerability only affects Windows.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-42474
reference_id
reference_type
scores
0
value 0.01222
scoring_system epss
scoring_elements 0.79512
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-42474
1
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/streamlit/PYSEC-2024-153.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/streamlit/PYSEC-2024-153.yaml
2
reference_url https://github.com/streamlit/streamlit/commit/3a639859cfdfba2187c81897d44a3e33825eb0a3
reference_id 3a639859cfdfba2187c81897d44a3e33825eb0a3
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-12T19:27:54Z/
url https://github.com/streamlit/streamlit/commit/3a639859cfdfba2187c81897d44a3e33825eb0a3
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-42474
reference_id CVE-2024-42474
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2024-42474
4
reference_url https://github.com/advisories/GHSA-rxff-vr5r-8cj5
reference_id GHSA-rxff-vr5r-8cj5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rxff-vr5r-8cj5
5
reference_url https://github.com/streamlit/streamlit/security/advisories/GHSA-rxff-vr5r-8cj5
reference_id GHSA-rxff-vr5r-8cj5
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-12T19:27:54Z/
url https://github.com/streamlit/streamlit/security/advisories/GHSA-rxff-vr5r-8cj5
fixed_packages
0
url pkg:pypi/streamlit@1.37.0
purl pkg:pypi/streamlit@1.37.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@1.37.0
aliases CVE-2024-42474, GHSA-rxff-vr5r-8cj5, PYSEC-2024-153
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-25th-j3fh-4qab
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/streamlit@0.32.0