Chromedriver
1 CVEs
product
Monthly
Versions of the package chromedriver before 119.0.1 are vulnerable to Command Injection when setting the chromedriver.path to an arbitrary system binary. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.
Command Injection
Authentication Bypass
Chromedriver
NVD
GitHub
CVSS 3.1
7.5
EPSS
2.2%
CVE-2023-26156
npm
EPSS 2%
CVSS 7.5
HIGH
POC
PATCH
This Week
Versions of the package chromedriver before 119.0.1 are vulnerable to Command Injection when setting the chromedriver.path to an arbitrary system binary. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.
Command Injection
Authentication Bypass
Chromedriver
NVD
GitHub