| Release | Version |
|---|---|
| bullseye | 2.4.1-2+deb11u1 |
| bookworm | 2.8.0-2 |
| trixie | 2.12.0-2 |
| forky | 2.13.3-1 |
| sid | 2.13.3-1 |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2024-3574 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | In scrapy version 2.10.1, an issue was identified where the Authorizat ... |
| CVE-2024-3572 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | The scrapy/scrapy project is vulnerable to XML External Entity (XXE) a ... |
| CVE-2024-1968 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | In scrapy/scrapy, an issue was identified where the Authorization head ... |
| CVE-2024-1892 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | A Regular Expression Denial of Service (ReDoS) vulnerability exists in ... |
| Bug | bullseye | bookworm | trixie | forky | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2025-6176 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Scrapy versions up to 2.13.2 are vulnerable to a denial of service (Do ... |
| CVE-2017-14158 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Scrapy 1.4 allows remote attackers to cause a denial of service (memor ... |
| Bug | Description |
|---|---|
| CVE-2022-0577 | Exposure of Sensitive Information to an Unauthorized Actor in GitHub r ... |
| CVE-2021-41125 | Scrapy is a high-level web crawling and scraping framework for Python. ... |
| DSA / DLA | Description |
|---|---|
| DLA-2950-1 | python-scrapy - security update |