Critical severityNVD Advisory· Published May 14, 2025· Updated Apr 15, 2026
CVE-2025-4641
CVE-2025-4641
Description
Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager WebDriverManager on Windows, MacOS, Linux (XML parsing components modules) allows Data Serialization External Entities Blowup. This vulnerability is associated with program files src/main/java/io/github/bonigarcia/wdm/WebDriverManager.java.
This issue affects webdrivermanager: from 1.0.0 before 6.0.2.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
io.github.bonigarcia:webdrivermanagerMaven | >= 1.0.0, < 6.1.0 | 6.1.0 |
Patches
132b0b4d9c21aVulnerability mechanics
Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
3News mentions
0No linked articles in our index yet.