VYPR

npm package

windows-latestchromedriver

pkg:npm/windows-latestchromedriver

Vulnerabilities (1)

  • CVE-2016-10696HigJun 4, 2018
    affected >= 0.0.0

    windows-latestchromedriver downloads the latest version of chromedriver.exe. windows-latestchromedriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resource