Package impact
PyPI / gerapy
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-43857 | unknown | — | 1.0 | 5y ago | Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8. | |||
| CVE-2021-44597 | unknown | — | — | 4y ago | An Access Control vunerabiity exists in Gerapy v 0.9.7 via the spider parameter in project_configure function. | |||
| CVE-2021-32849 | unknown | — | — | 5y ago | Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarou… | |||
| CVE-2020-7698 | unknown | — | — | 5y ago | This affects the package Gerapy from 0 and before 0.9.3. The input being passed to Popen, via the project_configure endpoint, isn’t being sanitized. |