CVE-2022-35918 in Streamlit

Summary

by MITRE • 08/02/2022

Streamlit is a data-oriented application development framework for Python. Users hosting Streamlit app(s) that use custom components are vulnerable to a directory traversal attack that could leak data from their web server file-system such as: server logs, world readable files, and potentially other sensitive information. An attacker can craft a malicious URL with file paths and the Streamlit server would process that URL and return the contents of that file or overwrite existing files on the web-server. This issue has been resolved in version 1.11.1. Users are advised to upgrade. There are no known workarounds for this issue.


Analysis

by VulDB Data Team • 04/30/2025

Streamlit is a popular Python framework for rapid development of data-oriented web applications, letting developers build interactive dashboards and visualizations with minimal code. Its architecture routes user requests through a web server component that handles file operations and component rendering. This vulnerability specifically affects deployments that use custom components, and it opens a critical gap in the framework's file handling. The issue manifests when the application server processes crafted URLs containing directory traversal sequences, allowing unauthorized access to the underlying file system.

The technical flaw stems from inadequate input validation and sanitization within Streamlit's URL processing pipeline. When custom components are loaded, the framework fails to properly sanitize file paths extracted from user-supplied URLs, creating a classic directory traversal vulnerability. Attackers can exploit this weakness by crafting malicious URLs containing sequences such as "../" or similar path manipulation patterns that bypass normal file system access controls. The vulnerability operates at the application layer, leveraging the framework's legitimate file reading capabilities to access unintended portions of the server's file system. This weakness directly maps to CWE-22 - Improper Limitation of a Pathname to a Restricted Directory, which is a well-documented vulnerability pattern in software security. The flaw allows for both information disclosure and potential file system manipulation, as the framework's processing logic can be coerced into reading arbitrary files or potentially overwriting existing server content.

The operational impact of this vulnerability extends beyond simple information disclosure, creating a significant risk for organizations deploying Streamlit applications in production environments. Server logs, configuration files, and other world-readable files become accessible to attackers who can leverage this vulnerability to gather sensitive information about the system's configuration, user data, and application internals. The potential for data exfiltration increases substantially when attackers can access files that contain authentication tokens, database connection strings, or other sensitive credentials stored within the application's file system. Organizations using Streamlit for data visualization and analytics may find their entire data processing pipeline exposed to unauthorized access, particularly when applications are deployed on servers with broad file system permissions. This vulnerability also creates opportunities for attackers to escalate their privileges through the exploitation of other system components that may be accessible via the compromised file system access. The impact aligns with ATT&CK technique T1083 - File and Directory Discovery, where adversaries seek to enumerate file systems to identify valuable targets.

Mitigation efforts should focus on immediate version upgrades to Streamlit 1.11.1 or later, which contains the necessary patches to address the directory traversal vulnerability. Organizations should implement comprehensive application security testing including dynamic application security testing and static application security testing to identify similar vulnerabilities in their Streamlit deployments. Network segmentation and access controls should be implemented to limit exposure of Streamlit applications to untrusted users. Security monitoring should include detection of unusual file system access patterns and URL requests that contain suspicious path traversal sequences. Organizations should also consider implementing web application firewalls to filter malicious requests before they reach the Streamlit server. Regular security assessments and vulnerability scanning should be conducted to ensure that no other components within the application stack may be vulnerable to similar attacks. The vulnerability highlights the importance of proper input validation and the principle of least privilege in web application development, particularly when handling user-supplied data that may be processed as file system paths.
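The containment check the analysis calls for, together with the log-side detection it recommends, as an added example that is not Streamlit's own code or its actual fix. The component root, the log format and the request lines are constructed for the example.

```python
import posixpath
import re
from urllib.parse import unquote

# Assumed deployment layout for this example; not Streamlit's real path.
COMPONENT_ROOT = "/srv/app/components"

def fully_unquote(s: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly so a double-encoded '%252e%252e' is not missed."""
    for _ in range(rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s

def resolve_under_root(root: str, requested: str):
    """Absolute path for `requested` if it stays inside `root`, else None.

    This is the check a file-serving handler must make before opening a file.
    `posixpath.join(root, requested)` alone is the CWE-22 pattern: '../'
    segments survive the join and walk out of the directory.
    """
    cleaned = fully_unquote(requested).replace("\\", "/")
    if "\x00" in cleaned:  # NUL can truncate the path in lower layers
        return None
    candidate = posixpath.normpath(posixpath.join(root, cleaned.lstrip("/")))
    # Compare against root + "/" so a sibling like root + "_evil" is rejected.
    if candidate != root and not candidate.startswith(root.rstrip("/") + "/"):
        return None
    return candidate

# Constructed request lines (not real traffic) in a "METHOD PATH" shape.
SAMPLE_LOG = [
    "GET /component/my_widget/index.js",
    "GET /component/my_widget/../../../../etc/passwd",
    "GET /component/my_widget/..%2f..%2f..%2fapp/secrets.toml",
    "GET /component/my_widget/%252e%252e/%252e%252e/logs/server.log",
]
LOG_RE = re.compile(r"^[A-Z]+ /component/(?P<name>[^/]+)/(?P<file>\S*)")

def flag_traversal(lines, root=COMPONENT_ROOT):
    """Return the lines whose requested file would escape its component's directory."""
    flagged = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and resolve_under_root(posixpath.join(root, m["name"]), m["file"]) is None:
            flagged.append(line)
    return flagged
```

Running `flag_traversal(SAMPLE_LOG)` flags the last three lines; the same function used as the server-side guard would answer those requests with an error instead of a file.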

Responsible: GitHub, Inc.

Reservation: 07/15/2022

Disclosure: 08/02/2022

Moderation: accepted

CPE: ready

EPSS: 0.01323

KEV: no

Activities: very low
