Lucene search
+L

6 matches found

OpenVAS
OpenVAS
added 2025/05/06 12:0 a.m.20 views

Ubuntu: Security Advisory (USN-7476-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.1AI score0.01243EPSS
Exploits5References2
Debian
Debian
added 2022/03/16 11:57 a.m.90 views

[SECURITY] [DLA 2950-1] python-scrapy security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2950-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 16, 2022 https://wiki.debian.org/LTS -...

8.8CVSS6.8AI score0.01243EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/03/16 12:0 a.m.50 views

Debian DLA-2950-1 : python-scrapy - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2950 advisory. It was found that Scrapy, a framework for extracting data from websites, could send HTTP Authorization as well as cookies to other domains in case of redirections,...

8.8CVSS7.3AI score0.01243EPSS
Exploits1References7
vulnersOsv
vulnersOsv
added 2021/10/06 5:46 p.m.6 views

2adif (=0.1.0), addgene-mcp (>=0.1.0 <=0.1.3) +549 more potentially affected by CVE-2021-41125 via scrapy (>=2.0.1 <=2.5.0)

scrapy PYPI version =2.0.1, =0.1.0, =0.10.0, =0.0.1, =0.1.4, =1.0.0, =0.0.1, =1.0.0, =0.0.24, =2.9.3, =0.2.3, =1.2.0, =1.5.0 and more Source cves: CVE-2021-41125 Source advisory: OSV:GHSA-JWQP-28GF-P498...

6.5CVSS6.8AI score0.01196EPSS
Exploits0
CVE
CVE
added 2021/10/06 5:15 p.m.99 views

CVE-2021-41125

CVE-2021-41125 affects Scrapy (Python): when using HttpAuthMiddleware (http_user/http_pass spider attributes), credentials may be exposed in requests, including robots.txt checks and redirects. Affected versions include older Scrapy releases prior to fixes. Mitigation per sources: upgrade to Scra...

6.5CVSS6AI score0.01196EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2021/10/06 5:15 p.m.38 views

CVE-2021-41125 HTTP authentication credential leak to target websites in scrapy

Scrapy is a high-level web crawling and scraping framework for Python. If you use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for HTTP authentication, all requests will expose your credentials to the request target. This includes requests generated by Scrapy components, su...

5.7CVSS6.8AI score0.01196EPSS
Exploits0References5
Rows per page
Query Builder