Lucene search
K

88 matches found

PyPA
PyPA
added 2021/10/06 6:15 p.m.8 views

PYSEC-2021-363

Scrapy is a high-level web crawling and scraping framework for Python. If you use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for HTTP authentication, all requests will expose your credentials to the request target. This includes requests generated by Scrapy components, su...

6.5CVSS7.1AI score0.01196EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2021/10/06 6:15 p.m.3 views

CVE-2021-41125

Scrapy is a high-level web crawling and scraping framework for Python. If you use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for HTTP authentication, all requests will expose your credentials to the request target. This includes requests generated by Scrapy components, su...

6.5CVSS6.9AI score0.01196EPSS
Exploits0References6Affected Software1
UbuntuCve
UbuntuCve
added 2021/10/06 6:15 p.m.21 views

CVE-2021-41125

Scrapy is a high-level web crawling and scraping framework for Python. If you use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for HTTP authentication, all requests will expose your credentials to the request target. This includes requests generated by Scrapy components, su...

6.5CVSS6.9AI score0.01196EPSS
Exploits0References6
OSV
OSV
added 2021/10/06 6:15 p.m.4 views

UBUNTU-CVE-2021-41125

Scrapy is a high-level web crawling and scraping framework for Python. If you use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for HTTP authentication, all requests will expose your credentials to the request target. This includes requests generated by Scrapy components, su...

6.5CVSS5.8AI score0.01196EPSS
Exploits0References7
PyPA
PyPA
added 2021/10/05 9:15 p.m.7 views

PYSEC-2021-364

Scrapy-splash is a library which provides Scrapy and JavaScript integration. In affected versions users who use HttpAuthMiddleware i.e. the httpuser and httppass spider attributes for Splash authentication will have any non-Splash request expose your credentials to the request target. This includ...

7.5CVSS7.1AI score0.01077EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/05/10 3:22 p.m.11 views

GHSA-GQ28-H5VG-8PRX Privilege escalation in spring security

Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen it must be programmed in...

8.8CVSS6.9AI score0.03197EPSS
Exploits0References19
OSV
OSV
added 2018/07/25 2:29 p.m.2 views

CVE-2018-5536

A remote attacker via undisclosed measures, may be able to exploit an F5 BIG-IP APM 13.0.0-13.1.0.7 or 12.1.0-12.1.3.5 virtual server configured with an APM per-request policy object and cause a memory leak in the APM module...

7.5CVSS5.8AI score0.02355EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/11/28 12:0 a.m.29 views

CVE-2017-15119

The Network Block Device NBD server in Quick Emulator QEMU before 2.11 is vulnerable to a denial of service issue. It could occur if a client sent large option requests, making the server waste CPU time on reading up to 4GB per request. A client could use this flaw to keep the NBD server from...

8.6CVSS6.8AI score0.03325EPSS
Exploits0References3
Rows per page
Query Builder