CVE-2016-10559
CVE-2016-10559 affects selenium-download (prior to 2.0.7), which downloads its binaries (selenium server and chromedriver) over HTTP. An attacker in a privileged network position can MITM the download and swap the binary, potentially leading to remote code execution when the user runs the compro...
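The checks a binary downloader can apply before trusting what it fetched, as an added example (not code from selenium-download or from this advisory). The function names, the `example.test` URLs and the out-of-band pinned SHA-256 digest are assumptions made for illustration; the digest check goes beyond the transport issue described above.

```javascript
const crypto = require('crypto');

// Constructed sample standing in for a downloaded driver archive.
const SAMPLE_BODY = Buffer.from('constructed sample driver archive');
const SAMPLE_SHA256 = crypto.createHash('sha256').update(SAMPLE_BODY).digest('hex');

// Every hop of the redirect chain must be HTTPS: an https:// start URL that
// redirects to http:// is exposed to the same in-path swap as a plain HTTP fetch.
function checkTransport(urlChain) {
  if (urlChain.length === 0) return { ok: false, reason: 'empty URL chain' };
  for (const raw of urlChain) {
    let parsed;
    try {
      parsed = new URL(raw);
    } catch {
      return { ok: false, reason: `unparseable URL: ${raw}` };
    }
    if (parsed.protocol !== 'https:') {
      return { ok: false, reason: `insecure hop: ${raw}` };
    }
  }
  return { ok: true, reason: 'all hops use https' };
}

// Compare the body's SHA-256 with a digest pinned out of band (assumption:
// the pin ships with the installer, not from the download host).
function checkDigest(body, pinnedHex) {
  const actual = crypto.createHash('sha256').update(body).digest();
  const pinned = Buffer.from(String(pinnedHex), 'hex');
  return pinned.length === actual.length && crypto.timingSafeEqual(actual, pinned);
}

// Gate to run before the file is unpacked or marked executable.
function acceptDownload({ urlChain, body, pinnedSha256 }) {
  const transport = checkTransport(urlChain);
  if (!transport.ok) return { accepted: false, reason: transport.reason };
  if (!checkDigest(body, pinnedSha256)) {
    return { accepted: false, reason: 'sha256 mismatch' };
  }
  return { accepted: true, reason: 'https transport and pinned digest verified' };
}
```

A caller would record each URL visited while following redirects and pass that list as `urlChain` together with the downloaded bytes.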