Looking to use webdrivermanager-java version 5.1.0 It has a dependency on org.brotli:dec 0.1.2 (dec-0.1.2.jar), which was released in 2017.
NVD reports CVS-2020-8927 about brotli versions before 1.0.8 - but it's not specific to native or java releases.
Can anyone clarify if this CVE applies to the webdrivermanager java release? If so, is there a brotli java release planned to rectify this? 0.1.2 is the most recent in mvnrepository.
If this is an issue, would webdrivermanager consider revising its java code to use another library?
Thanks. Bob