VYPR

npm package

macaca-chromedriver-zxa

pkg:npm/macaca-chromedriver-zxa

Vulnerabilities (1)

  • CVE-2016-10623HigJun 1, 2018
    affected <= 0.1.9

    macaca-chromedriver-zxa is a Node.js wrapper for the selenium chromedriver. macaca-chromedriver-zxa downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with