Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.4 views

EulerOS 2.0 SP11 : brotli (EulerOS-SA-2026-1599)

According to the versions of the brotli package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Scrapy versions up to 2.13.2 are vulnerable to a denial of service DoS attack due to a flaw in its brotli decompression implementation. The...

7.5CVSS5.8AI score0.00509EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/04 12:0 a.m.5 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: brotli (UTSA-2026-005387)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005387 advisory. Scrapy versions up to 2.13.2 are vulnerable to a denial of service DoS attack due to a flaw in its brotli decompression implementation. The protection mechanism...

7.5CVSS7.1AI score0.00509EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.4 views

EulerOS 2.0 SP10 : brotli (EulerOS-SA-2026-1041)

According to the versions of the brotli package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Scrapy versions up to 2.13.2 are vulnerable to a denial of service DoS attack due to a flaw in its brotli decompression implementation. The...

7.5CVSS7.2AI score0.00509EPSS
Exploits0References2
OSV
OSV
added 2025/11/14 12:38 p.m.3 views

OESA-2025-2671 brotli security update

Brotli is a generic-purpose lossless compression algorithm that compresses data using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the best currently available general-purpose compression methods. It...

7.5CVSS7.3AI score0.00509EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/31 12:0 a.m.4 views

CVE-2025-6176 Brotli decompression bomb DoS in scrapy/scrapy

Scrapy versions up to 2.13.2 are vulnerable to a denial of service DoS attack due to a flaw in its brotli decompression implementation. The protection mechanism against decompression bombs fails to mitigate the brotli variant, allowing remote servers to crash clients with less than 80GB of...

7.5CVSS6.2AI score0.00509EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2017-0128

Malware in sbrugna...

7.8CVSS7.4AI score0.01907EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2025/02/05 10:13 a.m.7 views

CVE-2024-3574

In scrapy version 2.10.1, an issue was identified where the Authorization header, containing credentials for server authentication, is leaked to a third-party site during a cross-domain redirect. This vulnerability arises from the failure to remove the Authorization header when redirecting across...

7.5CVSS6.5AI score0.00642EPSS
Exploits1
OSV
OSV
added 2024/04/16 12:15 a.m.2 views

UBUNTU-CVE-2024-3574

In scrapy version 2.10.1, an issue was identified where the Authorization header, containing credentials for server authentication, is leaked to a third-party site during a cross-domain redirect. This vulnerability arises from the failure to remove the Authorization header when redirecting across...

7.5CVSS5.6AI score0.00642EPSS
Exploits1References7
Rows per page
Query Builder