313 matches found
CVE-2017-14158
Scrapy 1.4 allows remote attackers to cause a denial of service memory consumption via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by...
UBUNTU-CVE-2017-14158
Scrapy 1.4 allows remote attackers to cause a denial of service memory consumption via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by...
DEBIAN-CVE-2017-14158
Scrapy 1.4 allows remote attackers to cause a denial of service memory consumption via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by...
PYSEC-2017-83
Scrapy 1.4 allows remote attackers to cause a denial of service memory consumption via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by...
CVE-2017-14158
Scrapy 1.4 allows remote attackers to cause a denial of service memory consumption via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by...
CVE-2017-14158
Scrapy 1.4 allows remote attackers to cause a denial of service memory consumption via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by...
CVE-2017-14158
Scrapy 1.4 allows remote attackers to cause a denial of service memory consumption via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by...
CVE-2017-14158
CVE-2017-14158 affects Scrapy 1.4 and leads to a denial-of-service via memory consumption when handling large files. The underlying cause is that arbitrarily many files are read into memory, and then they are individually written in a separate thread to a slow storage resource (demonstrated by th...
py-Scrapy -- DoS vulnerability
kmike and nramirezuy report: Scrapy 1.4 allows remote attackers to cause a denial of service memory consumption via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage...
xsscrapy - XSS/SQLi Spider
Fast, thorough, XSS/SQLi spider. Give it a URL and it'll test every link it finds for cross-site scripting and some SQL injection vulnerabilities. See FAQ for more details about SQLi detection. From within the main folder run: ./xsscrapy.py -u http://example.com If you wish to login then crawl:...
Scrapy Python Crawler: Crawlpy
Python web spider/crawler based on scrapy with support for POST/GET login, variable level of recursions/depth and optionally save to disk. Requirements python 2.7 lxml pip pip install Scrapy Features POST/GET Login prior crawling Can handle logins that requires dynamic CSRF token Variable level o...
Using scrapy crawl sebug vulnerability database-vulnerability warning-the black bar safety net
! Due to the project need to grab the sebug of the vulnerability database content, using the scrapy framework simple has written a gripping sebug the crawler, and stored in a database, mysql or mongodb, here to mysql, for example. About scrapy Scrapy, Python, development of a quick,high-level...
XML External Entity (XXE) Injection
Overview Scrapy is a high-level web crawling and web scraping framework, used to crawl websites and extract structured data from their pages. Affected versions of this package are vulnerable to XML External Entity XXE Injection via the sitemap reader. Details XXE Injection is a type of attack...