AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2024-47833: Taipy is an open-source Python library for easy, end-to-end application development for data scientists and machine lear

mediumvulnerability

security

Source: NVD/CVE DatabaseOctober 9, 2024CVE-2024-47833

Summary

Taipy, an open-source Python library for building data applications, has a security flaw where session cookies are served without the Secure and HTTPOnly flags (security markers that prevent browsers from sending cookies over unencrypted connections and protect cookies from being accessed by JavaScript code). This vulnerability has a CVSS score (a 0-10 rating of how severe a vulnerability is) of 6.3, indicating medium severity.

Solution / Mitigation

Upgrade to Taipy release version 4.0.0 or later. According to the source, 'This issue has been addressed in release version 4.0.0 and all users are advised to upgrade.' There are no known workarounds available.

Vulnerability Details

CVSS Score

6.5(medium)

EPSS (30-day exploit probability)

EPSS: 0.1%

Classification

Attack Type

PII Leakage

Attack SophisticationTrivial

Impact (CIA+S)

confidentiality

AI Component TargetedAPI

Taxonomy References

CWE (Weakness Type)

CWE-614 CWE-1004 CWE-319 CWE-732

Affected Vendors

Related Issues

medium

CVE-2026-2589: The Greenshift – animation and page builder blocks plugin for WordPress is vulnerable to Sensitive Information Exposure

Similar attackNVD/CVE Database

high

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

First tracked: February 15, 2026 at 08:53 PM

Classified by LLM (prompt v3) · confidence: 85%