Search for packages
| purl | pkg:pypi/gerapy@0.9.3a2 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-ctdj-cvza-yucq
Aliases: CVE-2021-32849 GHSA-756h-r2c9-qp5j PYSEC-2022-17 |
Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds. |
Affected by 0 other vulnerabilities. |
|
VCID-juhh-bhbk-pffm
Aliases: CVE-2021-43857 GHSA-9w7f-m4j4-j3xw PYSEC-2021-867 |
Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8. |
Affected by 1 other vulnerability. |
|
VCID-qqmb-2wrb-5bhx
Aliases: CVE-2020-7698 GHSA-g57j-q48p-9vm2 PYSEC-2020-44 SNYK-PYTHON-GERAPY-572470 |
This affects the package Gerapy from 0 and before 0.9.3. The input being passed to Popen, via the project_configure endpoint, isn’t being sanitized. |
Affected by 3 other vulnerabilities. |
|
VCID-z7kw-15th-abf3
Aliases: CVE-2021-44597 GHSA-29vr-79w7-p649 PYSEC-2022-228 |
An Access Control vunerabiity exists in Gerapy v 0.9.7 via the spider parameter in project_configure function. |
Affected by 1 other vulnerability. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||