{"data":{"id":"e49ac6a3-cf6d-4afc-b0f2-926e29fb291e","title":"CVE-2024-42474: Streamlit is a data oriented application development framework for python. Snowflake Streamlit open source addressed a s","summary":"Streamlit (a Python framework for building data applications) had a path traversal vulnerability (a flaw that lets attackers access files outside their intended directory) in its static file sharing feature on Windows. An attacker could exploit this to steal the password hash (an encrypted version of a password) of the Windows user running Streamlit.","solution":"The vulnerability was patched on Jul 25, 2024, as part of Streamlit open source version 1.37.0.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2024-42474","publishedAt":"2024-08-12T21:15:17.513Z","cveId":"CVE-2024-42474","cweIds":["CWE-22","CWE-22"],"cvssScore":"6.5","cvssSeverity":"medium","severity":"medium","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Streamlit","Snowflake"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.01652,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-126"],"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}