Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-pwm3-776c-8q7q: BoniGarcia WebDriverManager Affected By Improper Restriction of XML External Entity Reference

Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager on Windows, MacOS, Linux (XML parsing components modules) allows Data Serialization External Entities Blowup. This vulnerability is associated with program files src/main/java/io/github/bonigarcia/wdm/WebDriverManager.java.

This issue affects webdrivermanager: from 1.0.0 before 6.1.0.

ghsa
Open in Source
#vulnerability#web#mac#windows#linux#git#java#maven
  1. GitHub Advisory Database
  2. GitHub Reviewed
  3. CVE-2025-4641

BoniGarcia WebDriverManager Affected By Improper Restriction of XML External Entity Reference

Critical severity GitHub Reviewed Published May 14, 2025 to the GitHub Advisory Database • Updated May 15, 2025

Package

maven io.github.bonigarcia:webdrivermanager (Maven)

Affected versions

>= 1.0.0, < 6.1.0

Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager on Windows, MacOS, Linux (XML parsing components modules) allows Data Serialization External Entities Blowup. This vulnerability is associated with program files src/main/java/io/github/bonigarcia/wdm/WebDriverManager.java.

This issue affects webdrivermanager: from 1.0.0 before 6.1.0.

References

  • https://nvd.nist.gov/vuln/detail/CVE-2025-4641
  • bonigarcia/webdrivermanager#1458

Published to the GitHub Advisory Database

May 14, 2025

Last updated

May 15, 2025

ghsa: Latest News

GHSA-9fwj-9mjf-rhj3: laravel-auth0 SDK Vulnerable to Brute Force Authentication Tags of CookieStore Sessions
ghsa