CVE-2016-10579
Chromedriver (the NPM wrapper for selenium ChromeDriver) before version 2.26.1 downloads binary resources over HTTP, enabling MitM modification or interception of the downloaded binary. This can potentially lead to remote code execution if an attacker on the network swaps the binary with a malici...