Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/taipy@2.0.0
Typepypi
Namespace
Nametaipy
Version2.0.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.0.0
Latest_non_vulnerable_version4.0.0
Affected_by_vulnerabilities
0
url VCID-yt4k-m42h-8bd1
vulnerability_id VCID-yt4k-m42h-8bd1
summary Taipy is an open-source Python library for easy, end-to-end application development for data scientists and machine learning engineers. In affected versions session cookies are served without Secure and HTTPOnly flags. This issue has been addressed in release version 4.0.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
references
0
reference_url https://github.com/Avaiga/taipy
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/Avaiga/taipy
1
reference_url https://github.com/Avaiga/taipy/blob/develop/frontend/taipy-gui/src/components/Taipy/Navigate.tsx#L67
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/Avaiga/taipy/blob/develop/frontend/taipy-gui/src/components/Taipy/Navigate.tsx#L67
2
reference_url https://github.com/Avaiga/taipy/security/advisories/GHSA-r3jq-4r5c-j9hp
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/Avaiga/taipy/security/advisories/GHSA-r3jq-4r5c-j9hp
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/taipy/PYSEC-2024-168.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/taipy/PYSEC-2024-168.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-47833
reference_id CVE-2024-47833
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-47833
5
reference_url https://github.com/advisories/GHSA-r3jq-4r5c-j9hp
reference_id GHSA-r3jq-4r5c-j9hp
reference_type
scores
url https://github.com/advisories/GHSA-r3jq-4r5c-j9hp
fixed_packages
0
url pkg:pypi/taipy@4.0.0
purl pkg:pypi/taipy@4.0.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/taipy@4.0.0
aliases CVE-2024-47833, GHSA-r3jq-4r5c-j9hp, PYSEC-2024-168
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yt4k-m42h-8bd1
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/taipy@2.0.0