Homepage

pyspider@0.3.7 vulnerabilities

A Powerful Spider System in Python

  • latest version

    0.3.10

  • first published

    10 years ago

  • latest version published

    6 years ago

  • licenses detected

  • View pyspider package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the pyspider package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Cross-site Request Forgery (CSRF)

    pyspider is an A Powerful Spider System in Python

    Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) through the Flask endpoints. An attacker can manipulate the state of the application.

    How to fix Cross-site Request Forgery (CSRF)?

    There is no fixed version for pyspider.

    [0,)
    • L
    Cross-site Scripting (XSS)

    pyspider is an A Powerful Spider System in Python

    Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the /update endpoint due to improper sanitization of the name parameter.

    Note: To successfully exploit this vulnerability in a real-life scenario, the attacker should first exploit a CSRF vulnerability.

    How to fix Cross-site Scripting (XSS)?

    There is no fixed version for pyspider.

    [0,)
    Go back to all versions of this package