scrapy@1.8.4 vulnerabilities
A high-level Web Crawling and Web Scraping framework
-
latest version
2.11.1
-
first published
14 years ago
-
latest version published
2 months ago
-
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the scrapy package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Scrapy is a high-level web crawling and web scraping framework, used to crawl websites and extract structured data from their pages. Affected versions of this package are vulnerable to Information Exposure Through Sent Data due to the failure to remove the How to fix Information Exposure Through Sent Data? Upgrade |
[,2.11.1)
|
Scrapy is a high-level web crawling and web scraping framework, used to crawl websites and extract structured data from their pages. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) when parsing content. An attacker can cause extreme CPU and memory usage by handling a malicious response. How to fix Regular Expression Denial of Service (ReDoS)? Upgrade |
[,2.11.1)
|
Scrapy is a high-level web crawling and web scraping framework, used to crawl websites and extract structured data from their pages. Affected versions of this package are vulnerable to Information Exposure in which a spider could leak cookie headers when being forwarded to a third party, potentially attacker-controlled website. How to fix Information Exposure? Upgrade |
[,2.6.0)
|
via |
[0,)
|