PyPI package
gerapy
pkg:pypi/gerapy
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-32849 | — | < 0.9.9 | 0.9.9 | Jan 26, 2022 | Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds. | ||
| CVE-2021-43857 | — | < 0.9.8 | 0.9.8 | Dec 27, 2021 | Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8. | ||
| CVE-2020-7698 | — | < 0.9.3 | 0.9.3 | Jul 29, 2020 | This affects the package Gerapy from 0 and before 0.9.3. The input being passed to Popen, via the project_configure endpoint, isn’t being sanitized. |
- CVE-2021-32849Jan 26, 2022affected < 0.9.9fixed 0.9.9
Gerapy is a distributed crawler management framework. Prior to version 0.9.9, an authenticated user could execute arbitrary commands. This issue is fixed in version 0.9.9. There are no known workarounds.
- CVE-2021-43857Dec 27, 2021affected < 0.9.8fixed 0.9.8
Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8.
- CVE-2020-7698Jul 29, 2020affected < 0.9.3fixed 0.9.3
This affects the package Gerapy from 0 and before 0.9.3. The input being passed to Popen, via the project_configure endpoint, isn’t being sanitized.