-
Notifications
You must be signed in to change notification settings - Fork 516
[GHSA-h7wm-ph43-c39p] Scrapy denial of service vulnerability #6640
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[GHSA-h7wm-ph43-c39p] Scrapy denial of service vulnerability #6640
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Pull request overview
This PR updates a GitHub Security Advisory (GHSA-h7wm-ph43-c39p) for a Scrapy denial of service vulnerability (CVE-2017-14158). The changes expand the range of affected versions and modify the advisory's timestamp.
Changes:
- Updated the last affected version from 2.11.1 to 2.14.1 to reflect a broader range of vulnerable Scrapy versions
- Modified the advisory's timestamp (appears to be reverting to an earlier date)
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Copilot
AI
Jan 12, 2026
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The modified timestamp is being changed from a later date (2024年10月23日) to an earlier date (2024年02月20日), which moves the timestamp backwards by approximately 8 months. This appears incorrect - the modified field should reflect when the advisory was last updated and should typically move forward in time, not backward. If this is truly a correction of an incorrect timestamp, it should be clearly documented why the timestamp is being reverted.
Updates
Comments
Updated impacted versions