AVG-2180 log

Package geckodriver
Status Fixed
Severity Medium
Type cross-site request forgery
Affected 0.26.0-1
Fixed 0.29.1-1
Current 0.34.0-1 [extra]
Ticket FS#71558
Created Tue Jul 20 15:44:01 2021
Issue Severity Remote Type Description
CVE-2020-15660 Medium Yes Cross-site request forgery
Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a cross-site request forgery (CSRF) vulnerability, that might, when paired...
Date Advisory Package Type
27 Jul 2021 ASA-202107-71 geckodriver cross-site request forgery