CVE-2021-41124
The CVE affects the scrapy-splash library used with Scrapy. When HttpAuthMiddleware (http_user/http_pass) is used for Splash authentication, non-Splash requests can leak credentials to the target, including robots.txt requests if ROBOTSTXT_OBEY is True. Remediation per the reports is to upgrade t...