23 matches found
CVE-2026-48544
Taipy 4.1.1, fixed in commit 129fd40, contains a path traversal vulnerability in the ElementLibrary.get_resource method in taipy/gui/extension/library.py that allows unauthenticated attackers to escape the intended module directory by exploiting an incomplete path containment check using...
CVE-2026-48544 Taipy 4.1.1 Path Traversal via ElementLibrary.get_resource()
Taipy 4.1.1, fixed in commit 129fd40, contains a path traversal vulnerability in the ElementLibrary.get_resource method in taipy/gui/extension/library.py that allows unauthenticated attackers to escape the intended module directory by exploiting an incomplete path containment check using...
CVE-2026-48544
Taipy 4.1.1 contains a path traversal vulnerability in ElementLibrary.get_resource() within taipy/gui/extension/library.py. The issue arises from an incomplete directory containment check using str.startswith() without a trailing path separator, allowing crafted GET requests with path traversal s...
Taipy Path Traversal Vulnerability
Taipy is an open-source application developed by Avaiga. It was designed specifically for data scientists and machine learning engineers to build data and artificial intelligence network applications. Version 4.1.1 of Taipy contains a path traversal vulnerability. This vulnerability stems from th...
PT-2026-44007
Taipy 4.1.1, fixed in commit 129fd40, contains a path traversal vulnerability in the ElementLibrary.get_resource method in taipy/gui/extension/library.py that allows unauthenticated attackers to escape the intended module directory by exploiting an incomplete path containment check using...
EUVD-2024-0207
Malicious code in bioql PyPI...
CVE-2024-47833
Taipy is an open-source Python library for easy, end-to-end application development for data scientists and machine learning engineers. In affected versions session cookies are served without Secure and HTTPOnly flags. This issue has been addressed in release version 4.0.0 and all users are advis...
PYSEC-2024-168
Taipy is an open-source Python library for easy, end-to-end application development for data scientists and machine learning engineers. In affected versions session cookies are served without Secure and HTTPOnly flags. This issue has been addressed in release version 4.0.0 and all users are advis...
cashd (>=0.1.0 <=0.2.2) potentially affected by CVE-2024-47833 via taipy (>=3.1.0 <=3.1.1)
taipy PYPI version =3.1.0, =0.1.0, =0.2.2 Source cves: CVE-2024-47833 Source advisory: OSV:PYSEC-2024-168...
CVE-2024-47833 Session Cookie without Secure and HTTPOnly flags in taipy
Taipy is an open-source Python library for easy, end-to-end application development for data scientists and machine learning engineers. In affected versions session cookies are served without Secure and HTTPOnly flags. This issue has been addressed in release version 4.0.0 and all users are advis...
CVE-2024-47833
Taipy (Python library) is affected by a vulnerability where session cookies are served without Secure and HTTPOnly flags in affected versions prior to 4.0.0. The issue is documented across multiple sources (CVE record, Red Hat, OSV, GitHub GHSA advisory) and is explicitly addressed in release 4.0...
Taipy Security Vulnerability
Taipy is an open source application from Avaiga. Designed for data scientists and machine learning engineers building data and artificial intelligence web applications. A security vulnerability existed in Taipy prior to version 4.0.0 that stemmed from session cookies not using the Secure and...
Sensitive Cookie In HTTPS Session Without "Secure" Attribute
taipy is vulnerable to Sensitive Cookie in HTTPS Session Without "Secure" Attribute. The vulnerability is due to the improper setting of security flags on session cookies. An attacker can intercept or tamper with the cookie over insecure connections by exploiting the lack of Secure and HttpOnly...
cashd (>=0.1.0 <=0.2.2) potentially affected by CVE-2024-47833 via taipy (>=3.1.0 <=3.1.1)
taipy PYPI version =3.1.0, =0.1.0, =0.2.2 Source cves: CVE-2024-47833 Source advisory: OSV:GHSA-R3JQ-4R5C-J9HP...
GHSA-PP84-V3MW-GG4W Taipy 3.1.1 affected by CVEs on flask-core and pymongo
Summary Indirect CVEs affect Taipy 3.1.1 Details Taipy 3.1.1 is affected by two existing CVEs: CVE-2024-1681 affects flask-core =3.1.2 and on major releases: =4.0.0 Impact pre-commit breaks when using dependency Taipy 3.1.1...