Описание
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository scrapy/scrapy prior to 2.6.1.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| python-scrapy | fixed | 2.6.1-1 | package | |
| python-scrapy | fixed | 2.4.1-2+deb11u1 | bullseye | package |
| python-scrapy | fixed | 1.5.1-1+deb10u1 | buster | package |
Примечания
https://github.com/advisories/GHSA-cjvr-mfj7-j4j8
https://huntr.dev/bounties/3da527b1-2348-4f69-9e88-2e11a96ac585
https://github.com/scrapy/scrapy/commit/8ce01b3b76d4634f55067d6cfdf632ec70ba304a
EPSS
Процентиль: 39%
0.00174
Низкий
Связанные уязвимости
CVSS3: 6.5
ubuntu
почти 4 года назад
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository scrapy/scrapy prior to 2.6.1.
CVSS3: 6.5
nvd
почти 4 года назад
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository scrapy/scrapy prior to 2.6.1.
CVSS3: 6.5
github
почти 4 года назад
Incorrect Authorization and Exposure of Sensitive Information to an Unauthorized Actor in scrapy
EPSS
Процентиль: 39%
0.00174
Низкий