Nixpkgs security tracker
4.3 MEDIUM
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Adjacent (A)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): Low (L)
- Integrity (I): None (N)
- Availability (A): None (N)
- Modified Attack Vector (MAV): Adjacent (A)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): Low (L)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): None (N)
- Modified Availability (MA): None (N)
Activity log
- Created suggestion
Insufficient validation of untrusted input in Cast in Google Chrome …
Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to bypass same origin policy via malicious network traffic. (Chromium security severity: Low)
References
Affected products
- <148.0.7778.96
Matching in nixpkgs
pkgs.netflix
Open Netflix in Google Chrome app mode
pkgs.chromedriver
WebDriver server for running Selenium tests on Chrome
-
nixos-unstable 147.0.7727.137
- nixpkgs-unstable 147.0.7727.137
- nixos-unstable-small 147.0.7727.137
-
nixos-25.11 147.0.7727.137
- nixos-25.11-small 147.0.7727.137
- nixpkgs-25.11-darwin 147.0.7727.137
pkgs.mkchromecast
Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices
-
nixos-unstable 2025-12-21
- nixpkgs-unstable 2025-12-21
- nixos-unstable-small 2025-12-21
-
nixos-25.11 2022-10-31
- nixos-25.11-small 2022-10-31
- nixpkgs-25.11-darwin 2022-10-31
pkgs.chrome-export
Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files
pkgs.go-chromecast
CLI for Google Chromecast, Home devices and Cast Groups
pkgs.google-chrome
Freeware web browser developed by Google
-
nixos-unstable 147.0.7727.137
- nixpkgs-unstable 147.0.7727.137
- nixos-unstable-small 147.0.7727.137
-
nixos-25.11 147.0.7727.137
- nixos-25.11-small 147.0.7727.137
- nixpkgs-25.11-darwin 147.0.7727.137
pkgs.xf86videoopenchrome
VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server
pkgs.chrome-token-signing
Chrome and Firefox extension for signing with your eID on the web
pkgs.chrome-pak-customizer
Simple batch tool to customize pak files in chrome or chromium-based browser
-
nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24
-
nixos-25.11 2.0-unstable-2021-06-24
- nixos-25.11-small 2.0-unstable-2021-06-24
- nixpkgs-25.11-darwin 2.0-unstable-2021-06-24
pkgs.electron-chromedriver
WebDriver server for running Selenium tests on Chrome
pkgs.xf86-video-openchrome
VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server
pkgs.undetected-chromedriver
Custom Selenium ChromeDriver that passes all bot mitigation systems
-
nixos-unstable 147.0.7727.137
- nixpkgs-unstable 147.0.7727.137
- nixos-unstable-small 147.0.7727.137
-
nixos-25.11 147.0.7727.137
- nixos-25.11-small 147.0.7727.137
- nixpkgs-25.11-darwin 147.0.7727.137
pkgs.electron-chromedriver_37
WebDriver server for running Selenium tests on Chrome
pkgs.electron-chromedriver_38
WebDriver server for running Selenium tests on Chrome
pkgs.electron-chromedriver_39
WebDriver server for running Selenium tests on Chrome
pkgs.electron-chromedriver_40
WebDriver server for running Selenium tests on Chrome
pkgs.electron-chromedriver_41
WebDriver server for running Selenium tests on Chrome
pkgs.xorg.xf86videoopenchrome
None
pkgs.ocamlPackages.chrome-trace
Chrome trace event generation library
pkgs.noto-fonts-monochrome-emoji
Monochrome emoji font
pkgs.python312Packages.pychromecast
Library for Python to communicate with the Google Chromecast
pkgs.python313Packages.pychromecast
Library for Python to communicate with the Google Chromecast
pkgs.python314Packages.pychromecast
Library for Python to communicate with the Google Chromecast
pkgs.ocamlPackages_latest.chrome-trace
Chrome trace event generation library
pkgs.python312Packages.undetected-chromedriver
Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems
pkgs.python313Packages.undetected-chromedriver
Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems
pkgs.python314Packages.undetected-chromedriver
Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems
Package maintainers
-
@bdesham Benjamin Esham <benjamin@esham.io>
-
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
-
@mmahut Marek Mahut <marek.mahut@gmail.com>
-
@networkException networkException <nix@nwex.de>
-
@emilylange Emily Lange <nix@emilylange.de>
-
@TomaSajt TomaSajt
-
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
-
@yayayayaka Yaya <github@uwu.is>
-
@teutat3s teutat3s <teutates@mailbox.org>
-
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
-
@iedame Rafael Ieda <git@ieda.me>
-
@mdaniels5757 Michael Daniels <nix@mdaniels.me>
-
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>
-
@Shou Benedict Aas <x+g@shou.io>
-
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
-
@nicoonoclaste nicoo <nicoo@debian.org>