CVE-2016-10609

Name of the Vulnerable Software and Affected Versions chromedriver126 version 1.26

Description The issue allows for a man-in-the-middle (MITM) attack due to the insecure download of binary resources over HTTP. This could potentially lead to remote code execution (RCE) if an attacker intercepts the download and replaces the binary with a malicious one. The risk of exploitation is heightened when connected to public networks or if an attacker has a privileged network position.

Recommendations For chromedriver126 version 1.26, consider avoiding the use of this package until a secure version is available. As a temporary mitigation measure, avoid installing this package while connected to a public network to reduce the risk of exploitation. If the package is installed on a private network, ensure that network security is maintained to prevent unauthorized access.