Taipy is an open-source Python library for easy, end-to-end application development for data scientists and machine learning engineers. In affected versions session cookies are served without Secure and HTTPOnly flags. This issue has been addressed in release version 4.0.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
Metrics
Affected Vendors & Products
References
History
Wed, 16 Oct 2024 17:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-319 CWE-732 |
|
Metrics |
cvssV3_1
|
Wed, 09 Oct 2024 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Avaiga
Avaiga taipy |
|
CPEs | cpe:2.3:a:avaiga:taipy:*:*:*:*:*:*:*:* | |
Vendors & Products |
Avaiga
Avaiga taipy |
|
Metrics |
ssvc
|
Wed, 09 Oct 2024 18:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Taipy is an open-source Python library for easy, end-to-end application development for data scientists and machine learning engineers. In affected versions session cookies are served without Secure and HTTPOnly flags. This issue has been addressed in release version 4.0.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability. | |
Title | Session Cookie without Secure and HTTPOnly flags in taipy | |
Weaknesses | CWE-1004 CWE-614 |
|
References |
| |
Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-10-09T18:25:02.563Z
Updated: 2024-10-09T19:55:10.993Z
Reserved: 2024-10-03T14:06:12.643Z
Link: CVE-2024-47833
Vulnrichment
Updated: 2024-10-09T19:54:51.487Z
NVD
Status : Analyzed
Published: 2024-10-09T19:15:14.793
Modified: 2024-10-16T16:33:34.493
Link: CVE-2024-47833
Redhat
No data.