geckodriver

Link	package \| bugs open \| bugs closed \| Wiki \| GitHub \| web search
Description	Proxy for using W3C WebDriver-compatible clients to interact with Gecko-based browsers.
Version	0.35.0-1 [extra]

Resolved

Group	Affected	Fixed	Severity	Status	Ticket
AVG-2180	0.26.0-1	0.29.1-1	Medium	Fixed	FS#71558

Issue	Group	Severity	Remote	Type	Description
CVE-2020-15660	AVG-2180	Medium	Yes	Cross-site request forgery	Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a cross-site request forgery (CSRF) vulnerability, that might, when paired...

Advisories

Date	Advisory	Group	Severity	Type
27 Jul 2021	ASA-202107-71	AVG-2180	Medium	cross-site request forgery