CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-1892

A Regular Expression Denial of Service (ReDoS) vulnerability exists in the XMLFeedSpider class of the scrapy/scrapy project, specifically in the parsing of XML content. By crafting malicious XML content that exploits inefficient regular expression complexity used in the parsing process, an attacker can cause a denial-of-service (DoS) condition. This vulnerability allows for the system to hang and consume significant resources, potentially rendering services that utilize Scrapy for XML processing unresponsive.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.4%

CVSS Severity

CVSS v3 Score 7.5

References

Products affected by CVE-2024-1892

Scrapy » Scrapy » Version: N/A

cpe:2.3:a:scrapy:scrapy:-
Scrapy » Scrapy » Version: 0.10

cpe:2.3:a:scrapy:scrapy:0.10
Scrapy » Scrapy » Version: 0.10.1

cpe:2.3:a:scrapy:scrapy:0.10.1
Scrapy » Scrapy » Version: 0.10.2

cpe:2.3:a:scrapy:scrapy:0.10.2
Scrapy » Scrapy » Version: 0.10.3

cpe:2.3:a:scrapy:scrapy:0.10.3
Scrapy » Scrapy » Version: 0.14.0

cpe:2.3:a:scrapy:scrapy:0.14.0
Scrapy » Scrapy » Version: 0.14.1

cpe:2.3:a:scrapy:scrapy:0.14.1
Scrapy » Scrapy » Version: 0.14.2

cpe:2.3:a:scrapy:scrapy:0.14.2
Scrapy » Scrapy » Version: 0.14.3

cpe:2.3:a:scrapy:scrapy:0.14.3
Scrapy » Scrapy » Version: 0.14.4

cpe:2.3:a:scrapy:scrapy:0.14.4
Scrapy » Scrapy » Version: 0.15.0

cpe:2.3:a:scrapy:scrapy:0.15.0
Scrapy » Scrapy » Version: 0.15.1

cpe:2.3:a:scrapy:scrapy:0.15.1
Scrapy » Scrapy » Version: 0.16.0

cpe:2.3:a:scrapy:scrapy:0.16.0
Scrapy » Scrapy » Version: 0.16.1

cpe:2.3:a:scrapy:scrapy:0.16.1
Scrapy » Scrapy » Version: 0.16.2

cpe:2.3:a:scrapy:scrapy:0.16.2
Scrapy » Scrapy » Version: 0.16.3

cpe:2.3:a:scrapy:scrapy:0.16.3
Scrapy » Scrapy » Version: 0.16.4

cpe:2.3:a:scrapy:scrapy:0.16.4
Scrapy » Scrapy » Version: 0.16.5

cpe:2.3:a:scrapy:scrapy:0.16.5
Scrapy » Scrapy » Version: 0.17.0

cpe:2.3:a:scrapy:scrapy:0.17.0
Scrapy » Scrapy » Version: 0.18.0

cpe:2.3:a:scrapy:scrapy:0.18.0
Scrapy » Scrapy » Version: 0.18.1

cpe:2.3:a:scrapy:scrapy:0.18.1
Scrapy » Scrapy » Version: 0.18.2

cpe:2.3:a:scrapy:scrapy:0.18.2
Scrapy » Scrapy » Version: 0.18.3

cpe:2.3:a:scrapy:scrapy:0.18.3
Scrapy » Scrapy » Version: 0.18.4

cpe:2.3:a:scrapy:scrapy:0.18.4
Scrapy » Scrapy » Version: 0.19.0

cpe:2.3:a:scrapy:scrapy:0.19.0
Scrapy » Scrapy » Version: 0.20.0

cpe:2.3:a:scrapy:scrapy:0.20.0
Scrapy » Scrapy » Version: 0.20.1

cpe:2.3:a:scrapy:scrapy:0.20.1
Scrapy » Scrapy » Version: 0.20.2

cpe:2.3:a:scrapy:scrapy:0.20.2
Scrapy » Scrapy » Version: 0.21.0

cpe:2.3:a:scrapy:scrapy:0.21.0
Scrapy » Scrapy » Version: 0.22.0

cpe:2.3:a:scrapy:scrapy:0.22.0
Scrapy » Scrapy » Version: 0.22.1

cpe:2.3:a:scrapy:scrapy:0.22.1
Scrapy » Scrapy » Version: 0.22.2

cpe:2.3:a:scrapy:scrapy:0.22.2
Scrapy » Scrapy » Version: 0.23.0

cpe:2.3:a:scrapy:scrapy:0.23.0
Scrapy » Scrapy » Version: 0.24.0

cpe:2.3:a:scrapy:scrapy:0.24.0
Scrapy » Scrapy » Version: 0.24.1

cpe:2.3:a:scrapy:scrapy:0.24.1
Scrapy » Scrapy » Version: 0.24.2

cpe:2.3:a:scrapy:scrapy:0.24.2
Scrapy » Scrapy » Version: 0.24.3

cpe:2.3:a:scrapy:scrapy:0.24.3
Scrapy » Scrapy » Version: 0.24.4

cpe:2.3:a:scrapy:scrapy:0.24.4
Scrapy » Scrapy » Version: 0.24.5

cpe:2.3:a:scrapy:scrapy:0.24.5
Scrapy » Scrapy » Version: 0.24.6

cpe:2.3:a:scrapy:scrapy:0.24.6
Scrapy » Scrapy » Version: 0.25.0

cpe:2.3:a:scrapy:scrapy:0.25.0
Scrapy » Scrapy » Version: 0.25.1

cpe:2.3:a:scrapy:scrapy:0.25.1
Scrapy » Scrapy » Version: 0.7

cpe:2.3:a:scrapy:scrapy:0.7
Scrapy » Scrapy » Version: 0.8

cpe:2.3:a:scrapy:scrapy:0.8
Scrapy » Scrapy » Version: 0.9

cpe:2.3:a:scrapy:scrapy:0.9
Scrapy » Scrapy » Version: 1.0.0

cpe:2.3:a:scrapy:scrapy:1.0.0
Scrapy » Scrapy » Version: 1.0.1

cpe:2.3:a:scrapy:scrapy:1.0.1
Scrapy » Scrapy » Version: 1.0.2

cpe:2.3:a:scrapy:scrapy:1.0.2
Scrapy » Scrapy » Version: 1.0.3

cpe:2.3:a:scrapy:scrapy:1.0.3
Scrapy » Scrapy » Version: 1.0.4

cpe:2.3:a:scrapy:scrapy:1.0.4
Scrapy » Scrapy » Version: 1.0.5

cpe:2.3:a:scrapy:scrapy:1.0.5
Scrapy » Scrapy » Version: 1.0.6

cpe:2.3:a:scrapy:scrapy:1.0.6
Scrapy » Scrapy » Version: 1.0.7

cpe:2.3:a:scrapy:scrapy:1.0.7
Scrapy » Scrapy » Version: 1.1.0

cpe:2.3:a:scrapy:scrapy:1.1.0
Scrapy » Scrapy » Version: 1.1.1

cpe:2.3:a:scrapy:scrapy:1.1.1
Scrapy » Scrapy » Version: 1.1.2

cpe:2.3:a:scrapy:scrapy:1.1.2
Scrapy » Scrapy » Version: 1.1.3

cpe:2.3:a:scrapy:scrapy:1.1.3
Scrapy » Scrapy » Version: 1.1.4

cpe:2.3:a:scrapy:scrapy:1.1.4
Scrapy » Scrapy » Version: 1.2.0

cpe:2.3:a:scrapy:scrapy:1.2.0
Scrapy » Scrapy » Version: 1.2.1

cpe:2.3:a:scrapy:scrapy:1.2.1
Scrapy » Scrapy » Version: 1.2.2

cpe:2.3:a:scrapy:scrapy:1.2.2
Scrapy » Scrapy » Version: 1.2.3

cpe:2.3:a:scrapy:scrapy:1.2.3
Scrapy » Scrapy » Version: 1.3.0

cpe:2.3:a:scrapy:scrapy:1.3.0
Scrapy » Scrapy » Version: 1.3.1

cpe:2.3:a:scrapy:scrapy:1.3.1
Scrapy » Scrapy » Version: 1.3.2

cpe:2.3:a:scrapy:scrapy:1.3.2
Scrapy » Scrapy » Version: 1.3.3

cpe:2.3:a:scrapy:scrapy:1.3.3
Scrapy » Scrapy » Version: 1.4

cpe:2.3:a:scrapy:scrapy:1.4
Scrapy » Scrapy » Version: 1.5.0

cpe:2.3:a:scrapy:scrapy:1.5.0
Scrapy » Scrapy » Version: 1.5.1

cpe:2.3:a:scrapy:scrapy:1.5.1
Scrapy » Scrapy » Version: 1.5.2

cpe:2.3:a:scrapy:scrapy:1.5.2
Scrapy » Scrapy » Version: 1.6.0

cpe:2.3:a:scrapy:scrapy:1.6.0
Scrapy » Scrapy » Version: 1.7.0

cpe:2.3:a:scrapy:scrapy:1.7.0
Scrapy » Scrapy » Version: 1.7.1

cpe:2.3:a:scrapy:scrapy:1.7.1
Scrapy » Scrapy » Version: 1.7.2

cpe:2.3:a:scrapy:scrapy:1.7.2
Scrapy » Scrapy » Version: 1.7.3

cpe:2.3:a:scrapy:scrapy:1.7.3
Scrapy » Scrapy » Version: 1.7.4

cpe:2.3:a:scrapy:scrapy:1.7.4
Scrapy » Scrapy » Version: 1.8.0

cpe:2.3:a:scrapy:scrapy:1.8.0
Scrapy » Scrapy » Version: 1.8.1

cpe:2.3:a:scrapy:scrapy:1.8.1
Scrapy » Scrapy » Version: 2.0.0

cpe:2.3:a:scrapy:scrapy:2.0.0
Scrapy » Scrapy » Version: 2.0.1

cpe:2.3:a:scrapy:scrapy:2.0.1
Scrapy » Scrapy » Version: 2.1.0

cpe:2.3:a:scrapy:scrapy:2.1.0
Scrapy » Scrapy » Version: 2.10.0

cpe:2.3:a:scrapy:scrapy:2.10.0
Scrapy » Scrapy » Version: 2.10.1

cpe:2.3:a:scrapy:scrapy:2.10.1
Scrapy » Scrapy » Version: 2.11.0

cpe:2.3:a:scrapy:scrapy:2.11.0
Scrapy » Scrapy » Version: 2.2.0

cpe:2.3:a:scrapy:scrapy:2.2.0
Scrapy » Scrapy » Version: 2.2.1

cpe:2.3:a:scrapy:scrapy:2.2.1
Scrapy » Scrapy » Version: 2.3.0

cpe:2.3:a:scrapy:scrapy:2.3.0
Scrapy » Scrapy » Version: 2.4.0

cpe:2.3:a:scrapy:scrapy:2.4.0
Scrapy » Scrapy » Version: 2.4.1

cpe:2.3:a:scrapy:scrapy:2.4.1
Scrapy » Scrapy » Version: 2.5.0

cpe:2.3:a:scrapy:scrapy:2.5.0
Scrapy » Scrapy » Version: 2.5.1

cpe:2.3:a:scrapy:scrapy:2.5.1
Scrapy » Scrapy » Version: 2.6.0

cpe:2.3:a:scrapy:scrapy:2.6.0
Scrapy » Scrapy » Version: 2.6.1

cpe:2.3:a:scrapy:scrapy:2.6.1
Scrapy » Scrapy » Version: 2.6.2

cpe:2.3:a:scrapy:scrapy:2.6.2
Scrapy » Scrapy » Version: 2.6.3

cpe:2.3:a:scrapy:scrapy:2.6.3
Scrapy » Scrapy » Version: 2.7.0

cpe:2.3:a:scrapy:scrapy:2.7.0
Scrapy » Scrapy » Version: 2.7.1

cpe:2.3:a:scrapy:scrapy:2.7.1
Scrapy » Scrapy » Version: 2.8.0

cpe:2.3:a:scrapy:scrapy:2.8.0
Scrapy » Scrapy » Version: 2.9.0

cpe:2.3:a:scrapy:scrapy:2.9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-1892

Products

Pricing

Contact Us