- Description
- Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager WebDriverManager on Windows, MacOS, Linux (XML parsing components modules) allows Data Serialization External Entities Blowup. This vulnerability is associated with program files src/main/java/io/github/bonigarcia/wdm/WebDriverManager.java. This issue affects webdrivermanager: from 1.0.0 before 6.0.2.
- Source
- cve_disclosure@tech.gov.sg
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 9.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:H/SI:L/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- CRITICAL
- cve_disclosure@tech.gov.sg
- CWE-611
- Hype score
- Not currently trending
Seleniumを使ったブラウザ自動化において、各種ブラウザのドライバ(ChromeDriver、GeckoDriver、EdgeDriverなど)の自動管理を行うツールであるWebDriverManagerに深刻なXXE脆弱性(CVE-2025-4641)が発見された。
@yousukezan
16 May 2025
3452 Impressions
15 Retweets
31 Likes
10 Bookmarks
0 Replies
1 Quote
CVE-2025-4641 Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager WebDriverManager on Windows, MacOS, Linux (XML parsing components mod… https://t.co/DPhNhApGWw
@CVEnew
14 May 2025
236 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-4641: CRITICAL] Vulnerability in bonigarcia webdrivermanager allows Data Serialization External Entities Blowup on Windows, MacOS, Linux. Update to version 6.0.2! #cybersecurity#cve,CVE-2025-4641,#cybersecurity https://t.co/h3cAwPyvOW https://t.co/klnuVDstnc
@CveFindCom
14 May 2025
62 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes