CVE-2021-44597 – gerapy

Package

Manager: pip
Name: gerapy
Vulnerable Version: <0

Severity

Level: Critical

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v4.0: N/A

EPSS: N/A pctlN/A

Details

Duplicate Advisory: Incorrect Authorization in Gerapy ## Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-9w7f-m4j4-j3xw. This link is maintained to preserve external references. ## Original Description An Access Control vunerabiity exists in Gerapy v 0.9.7 via the spider parameter in project_configure function.

Metadata

Created: 2022-03-11T00:02:00Z
Modified: 2023-07-31T20:36:31Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/03/GHSA-29vr-79w7-p649/GHSA-29vr-79w7-p649.json
CWE IDs: ["CWE-863"]
Alternative ID: GHSA-29vr-79w7-p649
Finding: N/A
Auto approve: 0