scrapy

pypiv2.15.0

A high-level Web Crawling and Web Scraping framework

109 versions18 deps654,927 weekly downloads

scrapy/scrapy

/100

Health Score

Recommendation

[email protected] is safe to use (health: 77/100)

Health Breakdown

25/25

maintenance

14/20

popularity

23/25

security

15/15

maturity

0/15

community

Vulnerabilities (2)

1 medium1 low

medium

CVE-2017-14158

Scrapy denial of service vulnerability

unknown

CVE-2017-14158

Scrapy 1.4 allows remote attackers to cause a denial of service (memory consumption) via large files because arbitrarily many files are read into memory, which is especially problematic if the files are then individually written in a separate thread to a slow storage resource, as demonstrated by interaction between dataReceived (in core/downloader/handlers/http11.py) and S3FilesStore.

Dependencies (18)

cryptography cssselect defusedxml itemadapter itemloaders lxml packaging parsel protego pydispatcher pyopenssl pypydispatcher queuelib service-identity tldextract twisted w3lib zope-interface

API Access

Get this data programmatically — free, no authentication required:

curl https://depscope.dev/api/check/pypi/scrapy

Last updated: 2026-04-09T12:02:09.990369Z

Data from DepScope — Package Intelligence for AI Agents