CVE-2024-47833

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-47833

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-47833.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-47833

Aliases

Published

2024-10-09T18:25:02.563Z

Modified

2025-12-05T06:41:35.268950Z

Severity

6.3 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N CVSS Calculator

Summary

Session Cookie without Secure and HTTPOnly flags in taipy

Details

Taipy is an open-source Python library for easy, end-to-end application development for data scientists and machine learning engineers. In affected versions session cookies are served without Secure and HTTPOnly flags. This issue has been addressed in release version 4.0.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/47xxx/CVE-2024-47833.json",
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-1004",
        "CWE-614"
    ]
}

References

Affected packages

Git / github.com/avaiga/taipy

Affected ranges

Type: GIT
Repo: https://github.com/avaiga/taipy
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

b64b139f4ab7fe4d1f3590956040a3429aa600c5

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-47833.json"