exploitDog

CVE-2024-47833

Опубликовано: 09 окт. 2024

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

Taipy is an open-source Python library for easy, end-to-end application development for data scientists and machine learning engineers. In affected versions session cookies are served without Secure and HTTPOnly flags. This issue has been addressed in release version 4.0.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

Ссылки

https://github.com/Avaiga/taipy/security/advisories/GHSA-r3jq-4r5c-j9hp
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:avaiga:taipy:*:*:*:*:*:*:*:*

Версия до 4.0.0 (исключая)

EPSS

Процентиль: 19%

0.00062

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-614

CWE-319

Связанные уязвимости

GHSA-r3jq-4r5c-j9hp

CVSS3: 6.5

github

больше 1 года назад

Taipy has a Session Cookie without Secure and HTTPOnly flags

EPSS

Процентиль: 19%

0.00062

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-614

CWE-319