Vulnerability Details CVE-2021-43857
Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.419
EPSS Ranking 97.3%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 6.5
References
- http://packetstormsecurity.com/files/165459/Gerapy-0.9.7-Remote-Code-Execution.html
- https://github.com/Gerapy/Gerapy/commit/49bcb19be5e0320e7e1535f34fe00f16a3cf3b28
- https://github.com/Gerapy/Gerapy/issues/219
- https://github.com/Gerapy/Gerapy/security/advisories/GHSA-9w7f-m4j4-j3xw
- http://packetstormsecurity.com/files/165459/Gerapy-0.9.7-Remote-Code-Execution.html
- https://github.com/Gerapy/Gerapy/commit/49bcb19be5e0320e7e1535f34fe00f16a3cf3b28
- https://github.com/Gerapy/Gerapy/issues/219
- https://github.com/Gerapy/Gerapy/security/advisories/GHSA-9w7f-m4j4-j3xw
Products affected by CVE-2021-43857
-
cpe:2.3:a:gerapy:gerapy:0.0.0
-
cpe:2.3:a:gerapy:gerapy:0.7.8
-
cpe:2.3:a:gerapy:gerapy:0.8.0
-
cpe:2.3:a:gerapy:gerapy:0.8.2
-
cpe:2.3:a:gerapy:gerapy:0.8.3
-
cpe:2.3:a:gerapy:gerapy:0.8.4
-
cpe:2.3:a:gerapy:gerapy:0.8.5
-
cpe:2.3:a:gerapy:gerapy:0.8.6
-
cpe:2.3:a:gerapy:gerapy:0.8.7
-
cpe:2.3:a:gerapy:gerapy:0.8.8
-
cpe:2.3:a:gerapy:gerapy:0.9.0
-
cpe:2.3:a:gerapy:gerapy:0.9.1
-
cpe:2.3:a:gerapy:gerapy:0.9.2
-
cpe:2.3:a:gerapy:gerapy:0.9.3
-
cpe:2.3:a:gerapy:gerapy:0.9.4
-
cpe:2.3:a:gerapy:gerapy:0.9.5
-
cpe:2.3:a:gerapy:gerapy:0.9.6
-
cpe:2.3:a:gerapy:gerapy:0.9.7