
6 matches found

Github Security Blog
added 2022/03/11 12:2 a.m., 27 views

Duplicate Advisory: Incorrect Authorization in Gerapy

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-9w7f-m4j4-j3xw. This link is maintained to preserve external references. Original Description: An Access Control vulnerability exists in Gerapy v 0.9.7 via the spider parameter in projectconfigure function...

8.8 AI score
Exploits: 6, References: 6, Affected Software: 1

OSV
added 2022/03/11 12:2 a.m., 19 views

GHSA-29VR-79W7-P649 Duplicate Advisory: Incorrect Authorization in Gerapy

Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-9w7f-m4j4-j3xw. This link is maintained to preserve external references. Original Description: An Access Control vulnerability exists in Gerapy v 0.9.7 via the spider parameter in projectconfigure function...

9.8 CVSS, 6.1 AI score
Exploits: 6, References: 6

CNNVD
added 2022/03/10 12:0 a.m., 2 views

ID withdrawn

Gerapy is a distributed crawler management framework based on Scrapy, Scrapyd, Django and Vue.js. A security vulnerability exists in Gerapy v 0.9.7, which stems from an access control vulnerability that can be caused by the spider parameter in the projectconfigure function. No details of the...

5.6 AI score
Exploits: 6

Positive Technologies
added 2022/03/10 12:0 a.m., 2 views

PT-2022-12183 · Gerapy · Gerapy

Name of the Vulnerable Software and Affected Versions: Gerapy version 0.9.7 Description: An Access Control issue exists in Gerapy via the spider parameter in the project configure function. Recommendations: For Gerapy version 0.9.7, consider restricting access to the project configure function...

9.8 CVSS, 6.1 AI score
Exploits: 6, References: 11

PyPA
added 2020/07/29 1:15 p.m., 4 views

PYSEC-2020-44

This affects the package Gerapy from 0 and before 0.9.3. The input being passed to Popen, via the projectconfigure endpoint, isn’t being sanitized...

9.8 CVSS, 7 AI score, 0.00513 EPSS
Exploits: 0, References: 3, Affected Software: 1

Snyk
added 2020/06/17 9:12 a.m., 1 views

Command Injection

Overview: gerapy is a Distributed Crawler Management Framework Based on Scrapy, Scrapyd, Scrapyd-Client, Scrapyd-API, Django and Vue.js. Affected versions of this package are vulnerable to Command Injection. The input being passed to Popen, via the projectconfigure endpoint, isn’t being sanitized...

9.8 CVSS, 6.9 AI score, 0.00513 EPSS
Exploits: 0, References: 2