{"data":{"id":"32a33cff-0027-4c26-96db-f86be6927a2e","title":"CVE-2024-47833: Taipy is an open-source Python library for easy, end-to-end application development for data scientists and machine lear","summary":"Taipy, an open-source Python library for building data applications, serves session cookies without the Secure and HttpOnly flags. Without Secure, a browser may send the cookie over an unencrypted HTTP connection; without HttpOnly, JavaScript running in the page can read it. The vulnerability has a CVSS score (a 0-10 rating of how severe a vulnerability is) of 6.3, indicating medium severity; note that this record's cvssScore field lists 6.5, so confirm the score and CVSS version against the source advisory.","solution":"Upgrade to Taipy release version 4.0.0 or later. According to the source, 'This issue has been addressed in release version 4.0.0 and all users are advised to upgrade.' There are no known workarounds available.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2024-47833","publishedAt":"2024-10-09T19:15:14.793Z","cveId":"CVE-2024-47833","cweIds":["CWE-614","CWE-1004","CWE-319","CWE-732"],"cvssScore":"6.5","cvssSeverity":"medium","severity":"medium","attackType":["pii_leakage"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Taipy"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00085,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-1"],"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}