VYPR

geckodriver

by Mozilla Corporation

CVEs (2)

  • CVE-2021-4138May 2, 2022
    risk 0.00cvss epss 0.01

    Improved Host header checks to reject requests not sent to a well-known local hostname or IP, or the server-specified hostname.

  • CVE-2020-15660Jul 20, 2021
    risk 0.00cvss epss 0.01

    Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a CSRF vulnerability, that might, when paired with a specifically prepared request, lead to remote code execution.