Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update dependency chromedriver to v119 [SECURITY] #374

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Nov 10, 2023

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
chromedriver 90.0.1 -> 119.0.1 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2023-26156

Versions of the package chromedriver before 119.0.1 are vulnerable to Command Injection when setting the chromedriver.path to an arbitrary system binary. This could lead to unauthorized access and potentially malicious actions on the host system.

Note:

An attacker must have access to the system running the vulnerable chromedriver library to exploit it. The success of exploitation also depends on the permissions and privileges of the process running chromedriver.


Release Notes

giggio/node-chromedriver (chromedriver)

v119.0.1

Compare Source

v119.0.0

Compare Source

v118.0.1

Compare Source

v118.0.0

Compare Source

v117.0.3

Compare Source

v117.0.2

Compare Source

v117.0.1

Compare Source

v117.0.0

Compare Source

v116.0.0

Compare Source

v115.0.1

Compare Source

v115.0.0

Compare Source

v114.0.3

Compare Source

v114.0.2

Compare Source

v114.0.1

Compare Source

v114.0.0

Compare Source

v113.0.0

Compare Source

v112.0.1

Compare Source

v112.0.0

Compare Source

v111.0.0

Compare Source

v110.0.0

Compare Source

v109.0.0

Compare Source

v108.0.0

Compare Source

v107.0.3

Compare Source

v107.0.2

Compare Source

v107.0.1

Compare Source

v107.0.0

Compare Source

v106.0.1

Compare Source

v106.0.0

Compare Source

v105.0.1

Compare Source

v105.0.0

Compare Source

v104.0.0

Compare Source

v103.0.0

Compare Source

v102.0.0

Compare Source

v101.0.0

Compare Source

v100.0.0

Compare Source

v99.0.0

Compare Source

v98.0.1

Compare Source

v98.0.0

Compare Source

v97.0.4

Compare Source

v97.0.3

Compare Source

v97.0.2

Compare Source

v97.0.1

Compare Source

v97.0.0

Compare Source

v96.0.0

Compare Source

v95.0.0

Compare Source

v94.0.0

Compare Source

v93.0.1

Compare Source

v93.0.0

Compare Source

v92.0.2

Compare Source

v92.0.1

Compare Source

v92.0.0

Compare Source

v91.0.1

Compare Source

v91.0.0

Compare Source


Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot changed the title Update dependency chromedriver to v119 [SECURITY] Update dependency chromedriver to v119 [SECURITY] - autoclosed Jan 28, 2024
@renovate renovate bot closed this Jan 28, 2024
@renovate renovate bot deleted the renovate/npm-chromedriver-vulnerability branch January 28, 2024 21:41
@renovate renovate bot changed the title Update dependency chromedriver to v119 [SECURITY] - autoclosed Update dependency chromedriver to v119 [SECURITY] Jan 29, 2024
@renovate renovate bot reopened this Jan 29, 2024
@renovate renovate bot restored the renovate/npm-chromedriver-vulnerability branch January 29, 2024 02:11
@renovate renovate bot force-pushed the renovate/npm-chromedriver-vulnerability branch from 4a959cc to 91e2a1f Compare January 29, 2024 02:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants