RSS   Podatności dla 'Gerapy'   RSS

2022-03-10
 
CVE-2021-44597

CWE-863
 

 
An Access Control vunerabiity exists in Gerapy v 0.9.7 via the spider parameter in project_configure function.

 
2022-01-26
 
CVE-2021-32849

CWE-77
 

 
Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds.

 
2020-07-29
 
CVE-2020-7698

CWE-74
 

 
This affects the package Gerapy from 0 and before 0.9.3. The input being passed to Popen, via the project_configure endpoint, isn�??t being sanitized.

 


Copyright 2024, cxsecurity.com

 

Back to Top