55 matches found
Exploit for OS Command Injection in Gerapy
CVE-2021-43857-Gerapy-v0.9.7 - login to portal as admin - add...
EUVD-2020-0083
Malware in sbrugna...
EUVD-2022-0113
Malicious code in bioql PyPI...
CVE-2021-32849
Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds...
CVE-2021-43857
Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8...
VulnCheck KEV: CVE-2021-32849
Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds...
Exploit for OS Command Injection in Gerapy
CVE-2021-43857 CVE-2021-43857 Gerpy command execution...
Gerapy has unspecified vulnerabilities
Gerapy is a distributed crawler management framework based on Scrapy, Scrapyd, Django and Vue.js. A security vulnerability exists in Gerapy v 0.9.7, which stems from an access control vulnerability that can be caused by the spider parameter in the projectconfigure function. No details of the...
Remote Code Execution (RCE)
gerapy is vulnerable to remote code execution. An attacker can inject and execute malicious commands through the projectconfigure function of views.py...
Duplicate Advisory: Incorrect Authorization in Gerapy
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-9w7f-m4j4-j3xw. This link is maintained to preserve external references. Original Description An Access Control vunerabiity exists in Gerapy v 0.9.7 via the spider parameter in projectconfigure function...
GHSA-29VR-79W7-P649 Duplicate Advisory: Incorrect Authorization in Gerapy
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-9w7f-m4j4-j3xw. This link is maintained to preserve external references. Original Description An Access Control vunerabiity exists in Gerapy v 0.9.7 via the spider parameter in projectconfigure function...
PYSEC-2022-228
An Access Control vunerabiity exists in Gerapy v 0.9.7 via the spider parameter in projectconfigure function...
PYSEC-2022-228
An Access Control vunerabiity exists in Gerapy v 0.9.7 via the spider parameter in projectconfigure function...
编号撤回
Gerapy is a distributed crawler management framework based on Scrapy, Scrapyd, Django and Vue.js. A security vulnerability exists in Gerapy v 0.9.7, which stems from an access control vulnerability that can be caused by the spider parameter in the projectconfigure function. No details of the...
PT-2022-12183 · Gerapy · Gerapy
Name of the Vulnerable Software and Affected Versions: Gerapy version 0.9.7 Description: An Access Control issue exists in Gerapy via the spider parameter in the project configure function. Recommendations: For Gerapy version 0.9.7, consider restricting access to the project configure function...
article-extract (>=0.1.2 <=0.1.3), bookscrape (>=0.0.1.dev1 <=0.0.2b7) +19 more potentially affected by CVE-2022-0577 via scrapy (>=1.3.3 <=1.8.0)
scrapy PYPI version =1.3.3, =0.1.2, =0.0.1.dev1, =1.2.1.20160901, =0.0.5, =0.0.20, =0.9.3, =0.0.1, =1.0.0, =1.0.0, =1.7.2, =1.1.0, =0.1.0, =0.2.3, =0.0.1, =0.1.5, =0.1.8 and more Source cves: CVE-2022-0577 Source advisory: OSV:GHSA-CJVR-MFJ7-J4J8...
CVE-2021-32849
Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds...
CVE-2021-32849
Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds...
Command injection
Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds...
PYSEC-2022-17
Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds...