Vulnerability Title
Authorization Header Leakage in scrapy/scrapy on Scheme Change Redirects
Vulnerability Description
In scrapy/scrapy, an issue was found where the Authorization header is not removed during redirects that only change the scheme (for example, HTTPS to HTTP) but remain within the same domain. This behavior violates the Fetch standard, which requires the Authorization header to be removed on cross-origin requests when the scheme, host, or port changes. As a result, when a redirect downgrades from HTTPS to HTTP, the Authorization header may be unintentionally exposed in plaintext, leaking sensitive information to unauthorized parties. The flaw is located in the _build_redirect_request function of the redirect middleware.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Category
Information Exposure
Vulnerability Title
Authorization Header Leakage in scrapy/scrapy on Scheme Change Redirects
Vulnerability Description
In scrapy/scrapy, an issue was identified where the Authorization header is not removed during redirects that only change the scheme (e.g., HTTPS to HTTP) but remain within the same domain. This behavior contravenes the Fetch standard, which mandates the removal of Authorization headers in cross-origin requests when the scheme, host, or port changes. Consequently, when a redirect downgrades from HTTPS to HTTP, the Authorization header may be inadvertently exposed in plaintext, leading to potential sensitive information disclosure to unauthorized actors. The flaw is located in the _build_redirect_request function of the redirect middleware.
CVSS Information
N/A
Vulnerability Category
Information Exposure
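As an added illustration (not Scrapy's own code), the following Python contrasts a host-only redirect check, constructed here to stand in for the flawed behavior described above, with the origin comparison the Fetch standard requires; the URLs and token are constructed sample values.

```python
from urllib.parse import urlsplit

# Added example, not Scrapy's code. It shows why a host-only check carries the
# header over an HTTPS -> HTTP redirect, and the origin comparison the Fetch
# standard calls for (drop Authorization whenever scheme, host, or port changes).

DEFAULT_PORTS = {"http": 80, "https": 443}


def origin(url):
    """Return the (scheme, host, port) tuple of a URL, filling in default ports."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()
    port = parts.port if parts.port is not None else DEFAULT_PORTS.get(scheme)
    return (scheme, host, port)


def strip_authorization(headers):
    """Copy headers without any Authorization entry (header names are case-insensitive)."""
    return {k: v for k, v in headers.items() if k.lower() != "authorization"}


def redirect_headers_host_only(request_url, redirect_url, headers):
    """Flawed policy (constructed stand-in for the bug described above): keeps
    Authorization as long as the host is unchanged, so an HTTPS -> HTTP downgrade
    on the same host still sends the credential in plaintext."""
    if urlsplit(request_url).hostname != urlsplit(redirect_url).hostname:
        return strip_authorization(headers)
    return dict(headers)


def redirect_headers_fetch(request_url, redirect_url, headers):
    """Hardened policy: Authorization survives only when the full origin
    (scheme, host, port) is unchanged, as the Fetch standard requires."""
    if origin(request_url) != origin(redirect_url):
        return strip_authorization(headers)
    return dict(headers)


if __name__ == "__main__":
    # Constructed sample request: same host, scheme downgraded by the redirect.
    hdrs = {"Authorization": "Bearer constructed-sample-token", "Accept": "*/*"}
    src, dst = "https://example.com/login", "http://example.com/login"
    print("host-only:", redirect_headers_host_only(src, dst, hdrs))
    print("fetch    :", redirect_headers_fetch(src, dst, hdrs))
```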
Vulnerability Title
scrapy Information Disclosure Vulnerability
Vulnerability Description
Scrapy is a free and open-source web crawling framework written in Python. scrapy has an information disclosure vulnerability that stems from the Authorization header possibly being exposed unintentionally in plaintext, leading to potential sensitive information leakage.
CVSS Information
N/A
Vulnerability Category
Information Disclosure