Lucene search
K

4 matches found

Prion
Prion
added 2021/10/06 6:15 p.m.21 views

Authentication flaw

Scrapy is a high-level web crawling and scraping framework for Python. If you use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for HTTP authentication, all requests will expose your credentials to the request target. This includes requests generated by Scrapy components, su...

4CVSS6.5AI score0.01196EPSS
Exploits0References5Affected Software2
ATTACKERKB
ATTACKERKB
added 2021/10/06 6:15 p.m.3 views

CVE-2021-41125

Scrapy is a high-level web crawling and scraping framework for Python. If you use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for HTTP authentication, all requests will expose your credentials to the request target. This includes requests generated by Scrapy components, su...

6.5CVSS6.9AI score0.01196EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2021/10/06 6:15 p.m.3 views

UBUNTU-CVE-2021-41125

Scrapy is a high-level web crawling and scraping framework for Python. If you use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for HTTP authentication, all requests will expose your credentials to the request target. This includes requests generated by Scrapy components, su...

6.5CVSS5.8AI score0.01196EPSS
Exploits0References7
OSV
OSV
added 2021/10/06 5:46 p.m.1 views

GHSA-JWQP-28GF-P498 Scrapy HTTP authentication credentials potentially leaked to target websites

Impact If you use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for HTTP authentication, all requests will expose your credentials to the request target. This includes requests generated by Scrapy components, such as robots.txt requests sent by Scrapy when the ROBOTSTXTOBEY...

6.9CVSS7.2AI score0.01196EPSS
Exploits0References8
Rows per page
Query Builder