2244345 – (CVE-2023-5590) CVE-2023-5590 selenium: potential null pointer access in CookieManager

Bug 2244345 (CVE-2023-5590) - CVE-2023-5590 selenium: potential null pointer access in CookieManager

Summary: CVE-2023-5590 selenium: potential null pointer access in CookieManager

Keywords:
Status:	NEW
Alias:	CVE-2023-5590
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	2244347
TreeView+	depends on / blocked

Reported:	2023-10-16 04:29 UTC by Avinash Hanwate
Modified:	2024-02-01 03:42 UTC (History)
CC List:	50 users (show)
Fixed In Version:	selenium 4.14.1
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description Avinash Hanwate 2023-10-16 04:29:42 UTC

NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0.

https://github.com/seleniumhq/selenium/commit/023a0d52f106321838ab1c0997e76693f4dcbdf6
https://huntr.dev/bounties/e268cd68-4f34-49bd-878b-82b96dcc0c99

Note You need to log in before you can comment on or make changes to this bug.

aileenc
asoldano
ataylor
bbaranow
bmaxwell
boliveir
brian.stansberry
cdewolf
chazlett
cmiranda
darran.lofthouse
dhanak
dkreling
dosoudil
drichtar
eric.wittmann
fjuma
fmongiar
gmalinko
ibek
ivassile
iweiss
janstey
jnethert
jrokos
jross
kverlaen
lgao
mnovotny
mosmerov
msochure
mstefank
msvehla
mulliken
nwallace
pantinor
pcongius
pdelbell
pdrozd
peholase
pjindal
pmackay
pskopek
rguimara
rkieley
rowaters
rstancel
smaestri
sthorger
tom.jenkinson