Vulnerabilities (CVE)

Filtered by vendor Mozilla Subscribe
Filtered by product Geckodriver
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-4138 1 Mozilla 1 Geckodriver 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
Improved Host header checks to reject requests not sent to a well-known local hostname or IP, or the server-specified hostname.
CVE-2020-15660 1 Mozilla 1 Geckodriver 2024-11-21 6.8 MEDIUM 8.8 HIGH
Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a CSRF vulnerability, that might, when paired with a specifically prepared request, lead to remote code execution.