Lucene search
K

7 matches found

OpenVAS
OpenVAS
added 2025/05/06 12:0 a.m.20 views

Ubuntu: Security Advisory (USN-7476-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.1AI score0.01243EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2024-1968

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In scrapy/scrapy, an issue was identified where the Authorization header is not removed during redirects that only change the scheme e.g., HTTPS to HTTP but...

7.5CVSS7.3AI score0.00682EPSS
Exploits1References3
vulnersOsv
vulnersOsv
added 2024/05/20 8:15 a.m.7 views

article-extract (>=0.1.2 <=0.1.3), bookscrape (>=0.0.1.dev1 <=0.0.2b7) +25 more potentially affected by CVE-2024-1968 via scrapy (>=1.3.3 <=1.8.4)

scrapy PYPI version =1.3.3, =0.1.2, =0.0.1.dev1, =1.2.1.20160901, =0.0.5, =0.0.20, =0.9.3, =0.0.1, =1.0.0, =1.0.0, =1.7.2, =1.1.0, =0.1.0, =0.2.3, =0.0.1, =0.1.1, =0.1.4 and more Source cves: CVE-2024-1968 Source advisory: OSV:PYSEC-2024-258...

7.5CVSS7.1AI score0.00682EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2024/05/20 8:15 a.m.12 views

ayugespidertools (>=3.4.0 <=3.9.7), baotool (=1.0.1) +8 more potentially affected by CVE-2024-1968 via scrapy (>=2.0.1 <=2.11.1)

scrapy PYPI version =2.0.1, =3.4.0, =2.8.3, =0.3.0a0, =0.0.1, =0.1.2, =0.2.3, =0.2.1, =0.4.0, =0.8.1 Source cves: CVE-2024-1968 Source advisory: OSV:PYSEC-2024-258...

7.5CVSS7.1AI score0.00682EPSS
Exploits1
NVD
NVD
added 2024/05/20 8:15 a.m.19 views

CVE-2024-1968

In scrapy/scrapy, an issue was identified where the Authorization header is not removed during redirects that only change the scheme e.g., HTTPS to HTTP but remain within the same domain. This behavior contravenes the Fetch standard, which mandates the removal of Authorization headers in...

7.5CVSS7.2AI score0.00682EPSS
Exploits1References2
OSV
OSV
added 2024/05/20 8:3 a.m.19 views

CVE-2024-1968 Authorization Header Leakage in scrapy/scrapy on Scheme Change Redirects

In scrapy/scrapy, an issue was identified where the Authorization header is not removed during redirects that only change the scheme e.g., HTTPS to HTTP but remain within the same domain. This behavior contravenes the Fetch standard, which mandates the removal of Authorization headers in...

7.5CVSS7AI score0.00682EPSS
Exploits1References4
vulnersOsv
vulnersOsv
added 2024/05/14 8:14 p.m.7 views

article-extract (>=0.1.2 <=0.1.3), ayugespidertools (>=3.4.0 <=3.9.7) +35 more potentially affected by CVE-2024-1968 via scrapy (>=1.3.3 <=2.11.1)

scrapy PYPI version =1.3.3, =0.1.2, =3.4.0, =2.8.3, =0.0.1.dev1, =1.2.1.20160901, =0.0.5, =0.3.0a0, =0.0.20, =0.9.3, =0.0.1, =0.0.1, =0.1.2, =1.0.0, =1.1.2.post0 and more Source cves: CVE-2024-1968 Source advisory: OSV:GHSA-4QQQ-9VQF-3H3F...

7.5CVSS7.1AI score0.00682EPSS
Exploits1
Rows per page
Query Builder