2 matches found
CVE-2025-41234
A mishandling of non-ASCII characters in headers flaw was found in the Spring framework. This flaw allows an attacker to tamper with a file download under specific conditions when content names are user-supplied, and the victim then downloads unintended content. Mitigation Mitigation for this iss...
selenium-download code execution vulnerability
selenium-download is a tool for downloading the latest versions of the selenium standalone server and chromedriver. A security vulnerability exists in selenium-download versions prior to 2.0.7, which arises when the program downloads binary resources over the HTTP protocol. A remote attacker can...