bonigarcia WebDriverManager XML External Entity Processing Vulnerability
Vulnerability
An improper restriction of XML external entity references (XXE) has been identified in bonigarcia WebDriverManager, affecting versions from 1.0.0 up to, but not including, 6.0.2. The issue is present on Windows, macOS, and Linux, where the XML parsing components can be exploited to cause a data serialization external entities blowup. It arises from WebDriverManager's XML parsing function, which could be manipulated to access local files or perform server-side request forgery (SSRF) attacks.
Impact
Exploitation of this vulnerability could lead to an XML external entity (XXE) attack, allowing an attacker to manipulate XML data processing to access local files or potentially conduct SSRF attacks.
Remediation
Users can update to bonigarcia WebDriverManager version 6.0.2 or later to address this vulnerability.
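To check whether a build is inside the affected range before upgrading, the added example below (not part of the original advisory or the WebDriverManager project) scans Maven or Gradle build text for the library and classifies each declared version. The Maven coordinates `io.github.bonigarcia:webdrivermanager`, the function names and the sample build files are assumptions made for illustration.

```python
import re

# Affected range from the advisory: 1.0.0 up to, but not including, 6.0.2.
AFFECTED_FROM, FIXED_IN = (1, 0, 0), (6, 0, 2)
# Assumption: the library's Maven coordinates (not stated on this page).
GROUP, ARTIFACT = "io.github.bonigarcia", "webdrivermanager"

def parse_version(text):
    """Return (major, minor, patch) for plain numeric versions, else None."""
    m = re.fullmatch(r"(\d+)(?:\.(\d+))?(?:\.(\d+))?", text.strip())
    return tuple(int(p or 0) for p in m.groups()) if m else None

def classify(version_text):
    """Qualified, unresolved or missing versions are 'unknown' for manual review."""
    v = parse_version(version_text)
    if v is None:
        return "unknown"
    return "affected" if AFFECTED_FROM <= v < FIXED_IN else "not affected"

def declared_versions(text):
    """Yield versions declared for the artifact in pom.xml or Gradle text.
    Regex is used on purpose, so the audit itself never expands XML entities."""
    props = dict(re.findall(r"<([\w.\-]+)>([^<$]+)</\1>", text))  # leaf elements
    for block in re.findall(r"<dependency>(.*?)</dependency>", text, re.S):
        if (re.search(r"<groupId>\s*" + re.escape(GROUP) + r"\s*</groupId>", block)
                and re.search(r"<artifactId>\s*" + re.escape(ARTIFACT) + r"\s*</artifactId>", block)):
            m = re.search(r"<version>\s*(.*?)\s*</version>", block)
            raw = m.group(1) if m else ""  # empty: version managed elsewhere
            ref = re.fullmatch(r"\$\{(.+)\}", raw)  # ${property} placeholder
            yield props.get(ref.group(1), raw).strip() if ref else raw
    coord = re.escape(GROUP + ":" + ARTIFACT + ":")
    yield from re.findall(r"['\"]" + coord + r"([^'\"\s]+)['\"]", text)  # Gradle

def audit(text):
    return [(v, classify(v)) for v in declared_versions(text)]

# Constructed sample build files, for illustration only.
SAMPLE_POM = """<project>
  <properties><wdm.version>5.9.2</wdm.version></properties>
  <dependencies><dependency>
    <groupId>io.github.bonigarcia</groupId>
    <artifactId>webdrivermanager</artifactId>
    <version>${wdm.version}</version>
  </dependency></dependencies></project>"""
SAMPLE_GRADLE = "testImplementation 'io.github.bonigarcia:webdrivermanager:6.0.2'"

if __name__ == "__main__":
    for name, text in (("pom.xml", SAMPLE_POM), ("build.gradle", SAMPLE_GRADLE)):
        print(name, audit(text))
```

A result of `unknown` means the version is set by a parent POM, a BOM or a qualifier such as a pre-release tag, and the resolved dependency tree should be checked instead.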
