Version 4.28.1

selenium

Official Python bindings for Selenium WebDriver

Install Instructions

pip install selenium
Current Version Release Date January 23, 2025
Language Python
Package URL (purl) pkg:pip/selenium@4.28.1

Find selenium vulnerabilities in your supply chain.

Scan for Free

selenium Vulnerabilities

Sort by
icon CVE (Latest)
  • icon CVE (Latest)
  • icon CVE (Oldest)
  • icon CVSS Score (Highest)
  • icon CVSS Score (Lowest)
CVE question mark icon CVSS Score question mark icon CWE(s) question mark icon EPSS Score question mark icon EPSS % question mark icon Impacted Versions
CVE-2023-5590 High 7.5 CWE-476 0.00066 0.31774
  • 4.0.0–4.13.0
  • 3.0.0–3.141.0
  • 2.0.0–2.0dev6
  • 1.0.1–1.0.3
  • 0.9.2
CVE-2022-28108 High 8.8 CWE-352 0.51768 0.97716
  • 4.0.0.rc1–4.0.0a6.post2
  • 3.0.0–3.141.0
  • 2.0.0–2.0dev6
  • 1.0.1–1.0.3
  • 0.9.2

selenium Vulnerability Remediation Guidance

CVE Description Full list of Impacted Versions Fix
CVE-2023-5590 NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0. 4.7.2, 4.0.0.b2.post1, 4.4.0, 4.1.5, 4.1.2, 4.10.0, 4.0.0a6.post1, 4.0.0rc3 (Show all) Minor → 4.14.0
CVE-2022-28108 Selenium Server (Grid) before 4 allows CSRF because it permits non-JSON content types such as application/x-www-form-urlencoded, multipart/form-data, and text/plain. 4.0.0.b2.post1, 4.0.0a6.post1, 4.0.0rc3, 4.0.0rc2, 4.0.0.rc1, 4.0.0.b4, 4.0.0.b3, 4.0.0.b2 (Show all) Patch → 4.14.0

Instantly see if these selenium vulnerabilities affect your code.

Scan for Free

Dependencies

Packages using versions of selenium affected by its vulnerabilities

Dependent Packages
urllib3[socks]<3,>=1.26
trio~=0.17
trio-websocket~=0.9
certifi>=2021.10.8
typing_extensions~=4.9
websocket-client~=1.8