selenium
PyPI
2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting selenium
- CVE-2022-28108 | HIGH | CVSS 8.8 | EG 8.8 | ✓ Fixed in 4.0.0 | 2022-04-19
vulnerable: 0.9.2 ... 4.0.0rc3 (156 versions)
Selenium Server (Grid) before 4 allows CSRF because it permits non-JSON content types such as application/x-www-form-urlencoded, multipart/form-data, and text/plain.
- CVE-2023-5590 | HIGH | CVSS 7.5 | EG 7.5 | ✓ Fixed in 4.14.0 | 2023-10-15
vulnerable: 0.9.2 ... 4.9.1 (187 versions)
NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0.