Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 8:54 a.m.5 views

CVE-2021-41124

Scrapy-splash is a library which provides Scrapy and JavaScript integration. In affected versions users who use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for Splash authentication will have any non-Splash request expose your credentials to the request target. This includ...

7.5CVSS7AI score0.01077EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-0238

Malware in sbrugna...

7.5CVSS7.4AI score0.01077EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2021/10/06 6:15 p.m.3 views

CVE-2021-41125

Scrapy is a high-level web crawling and scraping framework for Python. If you use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for HTTP authentication, all requests will expose your credentials to the request target. This includes requests generated by Scrapy components, su...

6.5CVSS6.9AI score0.01196EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2021/10/06 12:0 a.m.4 views

PT-2021-23108 · Scrapy +2 · Scrapy +2

Name of the Vulnerable Software and Affected Versions: Scrapy versions prior to 2.5.1 Scrapy versions 1.8 and earlier Description: The issue affects Scrapy when using HttpAuthMiddleware for HTTP authentication, causing all requests to expose credentials to the request target. This includes reques...

8.8CVSS7.2AI score0.01243EPSS
Exploits5References36
NVD
NVD
added 2021/10/05 9:15 p.m.24 views

CVE-2021-41124

Scrapy-splash is a library which provides Scrapy and JavaScript integration. In affected versions users who use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for Splash authentication will have any non-Splash request expose your credentials to the request target. This includ...

7.5CVSS0.01077EPSS
Exploits0References2
OSV
OSV
added 2021/10/05 9:15 p.m.17 views

CVE-2021-41124

Scrapy-splash is a library which provides Scrapy and JavaScript integration. In affected versions users who use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for Splash authentication will have any non-Splash request expose your credentials to the request target. This includ...

7.5CVSS7.7AI score
Exploits0References2
Prion
Prion
added 2021/10/05 9:15 p.m.15 views

Cross site request forgery (csrf)

Scrapy-splash is a library which provides Scrapy and JavaScript integration. In affected versions users who use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for Splash authentication will have any non-Splash request expose your credentials to the request target. This includ...

4.3CVSS7.7AI score0.01077EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/10/05 9:0 p.m.105 views

CVE-2021-41124

The CVE affects the scrapy-splash library used with Scrapy. When HttpAuthMiddleware (http_user/http_pass) is used for Splash authentication, non-Splash requests can leak credentials to the target, including robots.txt requests if ROBOTSTXT_OBEY is True. Remediation per the reports is to upgrade t...

7.5CVSS7.5AI score0.01077EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder