22 Total advisories
22 Vulnerabilities
0 Malware
Vulnerabilities
UNKNOWN
CVE-2024-1968
CVE-2024-1968
MEDIUM 6.5
CVE-2024-1892
CVE-2024-1892
HIGH 7.5
CVE-2017-14158
Scrapy denial of service vulnerability
HIGH 7.5
GHSA-cwxj-rr6w-m6w7
Scrapy: Arbitrary Module Import via Referrer-Policy Header in RefererMiddleware
MEDIUM 5.7
CVE-2021-41125
Scrapy HTTP authentication credentials potentially leaked to target websites
HIGH 7.5
CVE-2025-6176
Scrapy is vulnerable to a denial of service (DoS) attack due to flaws in brotli decompression implementation
UNKNOWN
CVE-2022-0577
CVE-2022-0577
UNKNOWN
CVE-2017-14158
CVE-2017-14158
MEDIUM 5.9
CVE-2024-1968
Scrapy leaks the authorization header on same-domain but cross-origin redirects
HIGH 7.5
CVE-2024-1892
Scrapy vulnerable to ReDoS via XMLFeedSpider
UNKNOWN
GHSA-mfjm-vh54-3f96
Scrapy cookie-setting is not restricted based on the public suffix list
HIGH 7.5
GHSA-cg34-w3fm-82h3
Duplicate Advisory: Scrapy leaks the authorization header on same-domain but cross-origin redirects
MEDIUM 6.5
GHSA-23j4-mw76-5v7h
Scrapy allows redirect following in protocols other than HTTP
HIGH 7.5
GHSA-7c9g-vj9m-8pm6
Duplicate Advisory: ReDos vulnerability of XMLFeedSpider
UNKNOWN
GHSA-9x8m-2xpf-crp3
Scrapy before 2.6.2 and 1.8.3 vulnerable to one proxy sending credentials to another
MEDIUM 4.3
GHSA-jm3v-qxmh-hxwv
Scrapy's redirects ignoring scheme-specific proxy settings
HIGH 7.5
GHSA-rmqv-7v3j-mr7p
Duplicate Advisory: Scrapy decompression bomb vulnerability
HIGH 7.5
GHSA-4q82-j5c2-g2c5
Duplicate Advisory: Scrapy authorization header leakage on cross-domain redirect
MEDIUM 6.5
CVE-2022-0577
Incorrect Authorization and Exposure of Sensitive Information to an Unauthorized Actor in scrapy
HIGH 7.5
CVE-2024-3572
Scrapy decompression bomb vulnerability
HIGH 7.5
CVE-2024-3574
Scrapy authorization header leakage on cross-domain redirect
UNKNOWN
CVE-2021-41125
CVE-2021-41125
Ready to move
Start Securing
Free, no credit card | First findings in minutes