pyspider@0.3.2 vulnerabilities

A Powerful Spider System in Python

Direct Vulnerabilities

Known vulnerabilities in the pyspider package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Cross-site Request Forgery (CSRF)

pyspider is an A Powerful Spider System in Python

Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) through the Flask endpoints. An attacker can manipulate the state of the application.

How to fix Cross-site Request Forgery (CSRF)?

There is no fixed version for pyspider.

[0,)
  • L
Cross-site Scripting (XSS)

pyspider is an A Powerful Spider System in Python

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the /update endpoint due to improper sanitization of the name parameter.

Note: To successfully exploit this vulnerability in a real-life scenario, the attacker should first exploit a CSRF vulnerability.

How to fix Cross-site Scripting (XSS)?

There is no fixed version for pyspider.

[0,)