EUVD-2025-14900

Malicious code in bioql PyPI...

XML External Entity (XXE)

io.github.bonigarcia, webdrivermanager is vulnerable to XML External Entity XXE. The vulnerability is due to insufficient restrictions on XML parsers, allowing external entity expansion "Billion Laughs" attack that can lead to Denial of Service...

CVE-2025-4641

Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager WebDriverManager on Windows, MacOS, Linux XML parsing components modules allows Data Serialization External Entities Blowup. This vulnerability is associated with program files...

GHSA-PWM3-776C-8Q7Q BoniGarcia WebDriverManager Affected By Improper Restriction of XML External Entity Reference

Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager on Windows, MacOS, Linux XML parsing components modules allows Data Serialization External Entities Blowup. This vulnerability is associated with program files...

BoniGarcia WebDriverManager Affected By Improper Restriction of XML External Entity Reference

Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager on Windows, MacOS, Linux XML parsing components modules allows Data Serialization External Entities Blowup. This vulnerability is associated with program files...

ai.dev-tools:ai-devtools (>=0.1.12 <=0.1.20), ai.dev-tools:ai-devtools-selenium (>=0.1.2 <=0.1.11) +599 more potentially affected by CVE-2025-4641 via io.github.bonigarcia:webdrivermanager (>=1.0.0 <=6.0.1)

io.github.bonigarcia:webdrivermanager MAVEN version =1.0.0, =0.1.12, =0.1.2, =0.1.1, =0.0.3, =0.2.6, =0.2.48 and more Source cves: CVE-2025-4641 Source advisory: OSV:GHSA-PWM3-776C-8Q7Q...

CVE-2025-4641

Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager WebDriverManager on Windows, MacOS, Linux XML parsing components modules allows Data Serialization External Entities Blowup. This vulnerability is associated with program files...

CVE-2025-4641

Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager WebDriverManager on Windows, MacOS, Linux XML parsing components modules allows Data Serialization External Entities Blowup. This vulnerability is associated with program files...

XML External Entity (XXE) Injection

Overview Affected versions of this package are vulnerable to XML External Entity XXE Injection. An attacker can cause denial of service or access sensitive information by sending specially crafted XML data. Details XXE Injection is a type of attack against an application that parses XML input. XM...

com.nordstrom.ui-tools:selenium-foundation (>=28.5.1-s3 <=29.8.0-s3), com.sdl.lt:Testy (>=20.08.466.0_eb932e0 <=20.08.487.0_526db13) +7 more potentially affected by CVE-2025-4641 via io.github.bonigarcia:webdrivermanager (>=6.0.0 <=6.0.1)

io.github.bonigarcia:webdrivermanager MAVEN version =6.0.0, =28.5.1-s3, =20.08.466.0eb932e0, =1.0.0-Alpha1, =0.8.1.2, =1.1.6, =0.2.16.16appium, =0.2.23appium Source cves: CVE-2025-4641 Source advisory: SNYK:JAVA-IOGITHUBBONIGARCIA-10380065...

CVE-2025-4641

CVE-2025-4641 affects bonigarcia WebDriverManager (WebDriverManager.java) and is caused by improper restriction of XML External Entity references in XML parsing components. Affected versions are 1.0.0 through before 6.0.2 (per CVE description); remediation in public advisories ranges from upgradi...

CVE-2025-4641 XML External Entity (XXE) injection vulnerability in WebDriverManager

Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager WebDriverManager on Windows, MacOS, Linux XML parsing components modules allows Data Serialization External Entities Blowup. This vulnerability is associated with program files...

CVE-2025-4641 XML External Entity (XXE) injection vulnerability in WebDriverManager

Improper Restriction of XML External Entity Reference vulnerability in bonigarcia webdrivermanager WebDriverManager on Windows, MacOS, Linux XML parsing components modules allows Data Serialization External Entities Blowup. This vulnerability is associated with program files...

PT-2025-21226 · Unknown · Bonigarcia Webdrivermanager

Name of the Vulnerable Software and Affected Versions: bonigarcia webdrivermanager versions 1.0.0 through 6.0.2 Description: The issue is related to an Improper Restriction of XML External Entity Reference, allowing Data Serialization External Entities Blowup. This affects the XML parsing...

WebDriverManager 代码问题漏洞

WebDriverManager is an open source Java library from the individual developer Boni García that manages i.e., downloads, sets up, and maintains the drivers required for Selenium WebDriver in a fully automated manner. A security vulnerability exists in WebDriverManager versions prior to 1.0.0 throu...