Scrapy 2.10.1

CPE Details

Scrapy 2.10.1
scrapy
scrapy
2.10.1
2025-01-10
13h51 +00:00
2025-01-10
13h51 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:scrapy:scrapy:2.10.1:*:*:*:*:*:*:*

Informations

Vendor

scrapy

Product

scrapy

Version

2.10.1

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-1892 2024-02-28 00h00 +00:00 A Regular Expression Denial of Service (ReDoS) vulnerability exists in the XMLFeedSpider class of the scrapy/scrapy project, specifically in the parsing of XML content. By crafting malicious XML content that exploits inefficient regular expression complexity used in the parsing process, an attacker can cause a denial-of-service (DoS) condition. This vulnerability allows for the system to hang and consume significant resources, potentially rendering services that utilize Scrapy for XML processing unresponsive.
6.5
Moyen