Nixpkgs security tracker
8.8 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): Required (R)
- Scope (S): Unchanged (U)
- Confidentiality (C): High (H)
- Integrity (I): High (H)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): Required (R)
- Modified Confidentiality (MC): High (H)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): High (H)
- Modified Availability (MA): High (H)
Activity log
- Created suggestion
Insufficient validation of untrusted input in Navigation in Google Chrome …
Insufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
References
Affected products
- <146.0.7680.153
Matching in nixpkgs
pkgs.netflix
Open Netflix in Google Chrome app mode
pkgs.chromedriver
WebDriver server for running Selenium tests on Chrome
-
nixos-unstable 146.0.7680.80
- nixpkgs-unstable 146.0.7680.80
- nixos-unstable-small 146.0.7680.153
-
nixos-25.11 146.0.7680.80
- nixos-25.11-small 146.0.7680.80
- nixpkgs-25.11-darwin 146.0.7680.80
pkgs.mkchromecast
Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices
-
nixos-unstable 2025-12-21
- nixpkgs-unstable 2025-12-21
- nixos-unstable-small 2025-12-21
-
nixos-25.11 2022-10-31
- nixos-25.11-small 2022-10-31
- nixpkgs-25.11-darwin 2022-10-31
pkgs.chrome-export
Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files
pkgs.go-chromecast
CLI for Google Chromecast, Home devices and Cast Groups
pkgs.google-chrome
Freeware web browser developed by Google
-
nixos-unstable 146.0.7680.80
- nixpkgs-unstable 146.0.7680.80
- nixos-unstable-small 146.0.7680.153
-
nixos-25.11 146.0.7680.80
- nixos-25.11-small 146.0.7680.153
- nixpkgs-25.11-darwin 146.0.7680.80
pkgs.xf86videoopenchrome
VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server
pkgs.chrome-token-signing
Chrome and Firefox extension for signing with your eID on the web
pkgs.chrome-pak-customizer
Simple batch tool to customize pak files in chrome or chromium-based browser
-
nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24
-
nixos-25.11 2.0-unstable-2021-06-24
- nixos-25.11-small 2.0-unstable-2021-06-24
- nixpkgs-25.11-darwin 2.0-unstable-2021-06-24
pkgs.electron-chromedriver
WebDriver server for running Selenium tests on Chrome
pkgs.xf86-video-openchrome
VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server
pkgs.curl-impersonate-chrome
Special build of curl that can impersonate Chrome & Firefox
pkgs.undetected-chromedriver
Custom Selenium ChromeDriver that passes all bot mitigation systems
-
nixos-unstable 146.0.7680.80
- nixpkgs-unstable 146.0.7680.80
- nixos-unstable-small 146.0.7680.153
-
nixos-25.11 146.0.7680.80
- nixos-25.11-small 146.0.7680.80
- nixpkgs-25.11-darwin 146.0.7680.80
pkgs.electron-chromedriver_33
WebDriver server for running Selenium tests on Chrome
pkgs.electron-chromedriver_34
WebDriver server for running Selenium tests on Chrome
pkgs.electron-chromedriver_35
WebDriver server for running Selenium tests on Chrome
pkgs.electron-chromedriver_36
WebDriver server for running Selenium tests on Chrome
pkgs.electron-chromedriver_37
WebDriver server for running Selenium tests on Chrome
pkgs.electron-chromedriver_38
WebDriver server for running Selenium tests on Chrome
pkgs.electron-chromedriver_39
WebDriver server for running Selenium tests on Chrome
pkgs.electron-chromedriver_40
WebDriver server for running Selenium tests on Chrome
pkgs.electron-chromedriver_41
WebDriver server for running Selenium tests on Chrome
pkgs.xorg.xf86videoopenchrome
None
pkgs.ocamlPackages.chrome-trace
Chrome trace event generation library
pkgs.noto-fonts-monochrome-emoji
Monochrome emoji font
pkgs.python312Packages.pychromecast
Library for Python to communicate with the Google Chromecast
pkgs.python313Packages.pychromecast
Library for Python to communicate with the Google Chromecast
pkgs.python314Packages.pychromecast
Library for Python to communicate with the Google Chromecast
pkgs.ocamlPackages_latest.chrome-trace
Chrome trace event generation library
pkgs.python312Packages.undetected-chromedriver
Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems
pkgs.python313Packages.undetected-chromedriver
Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems
pkgs.python314Packages.undetected-chromedriver
Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems
Package maintainers
-
@bdesham Benjamin Esham <benjamin@esham.io>
-
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
-
@mmahut Marek Mahut <marek.mahut@gmail.com>
-
@emilylange Emily Lange <nix@emilylange.de>
-
@networkException networkException <nix@nwex.de>
-
@GGG-KILLER GGG <github@ggg.dev>
-
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
-
@yayayayaka Yaya <github@uwu.is>
-
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
-
@johnrtitor Masum Reza <masumrezarock100@gmail.com>
-
@Shou Benedict Aas <x+g@shou.io>
-
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
-
@nicoonoclaste nicoo <nicoo@debian.org>
-
@abbradar Nikolay Amiantov <ab@fmap.me>
-
@TomaSajt TomaSajt
-
@teutat3s teutat3s <teutates@mailbox.org>
-
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>