CVE-2016-10579

Name of the Vulnerable Software and Affected Versions Chromedriver versions prior to 2.26.1

Description The issue allows for a man-in-the-middle (MITM) attack due to the insecure download of binary resources over HTTP. This could potentially lead to remote code execution (RCE) if an attacker intercepts and modifies the downloaded binary, replacing it with a malicious one. An attacker with a privileged network position can modify or read resources at will, which may result in arbitrary code execution.

Recommendations Update to version 2.26.1 or later.