Common Gateway Security Fixes

Known Vulnerability in WebProbe Browser Packages

We have identified high‑severity security vulnerabilities in the Google Chrome package used by the WebProbe stack in both Classic Gateway and NextGen Gateway. These vulnerabilities affect core Chromium components responsible for graphics rendering and JavaScript/WebAssembly execution and can be triggered when Chrome processes specially crafted or malicious web content.

To address this issue, the supported browsers and their corresponding drivers have been updated to newer, secure versions:

  • Google Chrome 146.0.7680.80 (ChromeDriver 146.0.7680.80)
  • Mozilla Firefox 147.0.3 (GeckoDriver 0.36.0)
  • Microsoft Edge 146.0.3856.62 (Edge WebDriver 146.0.3856.62)

The updated browser components are available in OpsRamp Gateway version 21.0.1 for both Classic and NextGen Gateways.

We recommend upgrading to Gateway 21.0.1 to ensure WebProbe runs with the latest patched browser components.

  • If you are planning to upgrade to version 21.0.1, no action is required. The patch will automatically update the package.
  • If you are not upgrading to 21.0.1, you must manually update the package using one of the following methods: