Moderate severityNVD Advisory· Published Mar 2, 2022· Updated Aug 2, 2024
Exposure of Sensitive Information to an Unauthorized Actor in scrapy/scrapy
CVE-2022-0577
Description
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository scrapy/scrapy prior to 2.6.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
scrapyPyPI | < 1.8.2 | 1.8.2 |
scrapyPyPI | >= 2.0.0, < 2.6.1 | 2.6.1 |
Affected products
2Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-cjvr-mfj7-j4j8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-0577ghsaADVISORY
- github.com/pypa/advisory-database/tree/main/vulns/scrapy/PYSEC-2022-159.yamlghsaWEB
- github.com/scrapy/scrapy/commit/8ce01b3b76d4634f55067d6cfdf632ec70ba304aghsax_refsource_MISCWEB
- github.com/scrapy/scrapy/security/advisories/GHSA-cjvr-mfj7-j4j8ghsaWEB
- huntr.dev/bounties/3da527b1-2348-4f69-9e88-2e11a96ac585ghsax_refsource_CONFIRMWEB
- lists.debian.org/debian-lts-announce/2022/03/msg00021.htmlghsamailing-listx_refsource_MLISTWEB
News mentions
0No linked articles in our index yet.