Nixpkgs Security Tracker

Login with GitHub

Suggestions search

All statuses
Filter by:
With package: google-chrome

Found 99 matching suggestions

Untriaged
Permalink CVE-2011-2807
created 3 days, 23 hours ago
Incorrect handling of timer information in Timer.cpp in WebKit in …

Incorrect handling of timer information in Timer.cpp in WebKit in Google Chrome before Blink M13.

Affected products

Chrome
  • ==before Blink M13

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small
  • nixos-25.11 -
    • nixos-25.11-small
    • nixpkgs-25.11-darwin
Untriaged
Permalink CVE-2011-1803
created 3 days, 23 hours ago
An issue exists in third_party/WebKit/Source/WebCore/svg/animation/SVGSMILElement.h in WebKit in Google Chrome …

An issue exists in third_party/WebKit/Source/WebCore/svg/animation/SVGSMILElement.h in WebKit in Google Chrome before Blink M11 and M12 when trying to access a removed smil element.

Affected products

Chrome
  • ==before Blink M11 and M12

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small
  • nixos-25.11 -
    • nixos-25.11-small
    • nixpkgs-25.11-darwin
Untriaged
Permalink CVE-2011-2335
created 4 days ago
A double-free vulnerability exists in WebKit in Google Chrome before …

A double-free vulnerability exists in WebKit in Google Chrome before Blink M12 in the WebCore::CSSSelector function.

Affected products

Chrome
  • ==before Blink M12

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small
  • nixos-25.11 -
    • nixos-25.11-small
    • nixpkgs-25.11-darwin
Untriaged
Permalink CVE-2011-2336
created 4 days ago
An issue exists in WebKit in Google Chrome before Blink …

An issue exists in WebKit in Google Chrome before Blink M12. when clearing lists in AnimationControllerPrivate that signal when a hardware animation starts.

Affected products

Chrome
  • ==before Blink M12

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small
  • nixos-25.11 -
    • nixos-25.11-small
    • nixpkgs-25.11-darwin
Untriaged
Permalink CVE-2011-1805
created 4 days, 1 hour ago
Bad cast in CSS in Google Chrome prior to 11.0.0.0 …

Bad cast in CSS in Google Chrome prior to 11.0.0.0 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

Affected products

Chrome
  • <11.0.0.0

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small
  • nixos-25.11 -
    • nixos-25.11-small
    • nixpkgs-25.11-darwin
Untriaged
Permalink CVE-2026-2441
updated 6 days, 14 hours ago by @LeSuisse Activity log
  • Created automatic suggestion 1 week, 1 day ago
  • @LeSuisse removed
    29 packages
    • netflix
    • mkchromecast
    • chrome-export
    • go-chromecast
    • xf86videoopenchrome
    • electron-chromedriver
    • chrome-pak-customizer
    • electron-chromedriver_33
    • electron-chromedriver_34
    • electron-chromedriver_35
    • electron-chromedriver_36
    • electron-chromedriver_37
    • electron-chromedriver_38
    • electron-chromedriver_39
    • electron-chromedriver_40
    • xorg.xf86videoopenchrome
    • ocamlPackages.chrome-trace
    • noto-fonts-monochrome-emoji
    • python312Packages.pychromecast
    • python313Packages.pychromecast
    • python314Packages.pychromecast
    • ocamlPackages_latest.chrome-trace
    • python312Packages.undetected-chromedriver
    • python313Packages.undetected-chromedriver
    • python314Packages.undetected-chromedriver
    • grafanaPlugins.ventura-psychrometric-panel
    • curl-impersonate-chrome
    • chrome-token-signing
    • xf86-video-openchrome
    6 days, 14 hours ago
Use after free in CSS in Google Chrome prior to …

Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Affected products

Chrome
  • <145.0.7632.75

Matching in nixpkgs

Package maintainers

Untriaged
Permalink CVE-2026-2321
updated 6 days, 14 hours ago by @LeSuisse Activity log
  • Created automatic suggestion 1 week, 3 days ago
  • @LeSuisse removed
    27 packages
    • netflix
    • mkchromecast
    • go-chromecast
    • chrome-export
    • xf86videoopenchrome
    • chrome-token-signing
    • chrome-pak-customizer
    • curl-impersonate-chrome
    • electron-chromedriver_33
    • electron-chromedriver_34
    • electron-chromedriver_35
    • electron-chromedriver_36
    • electron-chromedriver_37
    • electron-chromedriver_38
    • electron-chromedriver_39
    • electron-chromedriver_40
    • xorg.xf86videoopenchrome
    • ocamlPackages.chrome-trace
    • noto-fonts-monochrome-emoji
    • python312Packages.pychromecast
    • python313Packages.pychromecast
    • python314Packages.pychromecast
    • ocamlPackages_latest.chrome-trace
    • python312Packages.undetected-chromedriver
    • python313Packages.undetected-chromedriver
    • python314Packages.undetected-chromedriver
    • grafanaPlugins.ventura-psychrometric-panel
    6 days, 14 hours ago
Use after free in Ozone in Google Chrome prior to …

Use after free in Ozone in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Affected products

Chrome
  • <145.0.7632.45

Matching in nixpkgs

Package maintainers

Untriaged
Permalink CVE-2026-2313
updated 6 days, 14 hours ago by @LeSuisse Activity log
  • Created automatic suggestion 1 week, 3 days ago
  • @LeSuisse removed
    27 packages
    • netflix
    • mkchromecast
    • chrome-export
    • go-chromecast
    • xf86videoopenchrome
    • chrome-token-signing
    • chrome-pak-customizer
    • curl-impersonate-chrome
    • electron-chromedriver_33
    • electron-chromedriver_34
    • electron-chromedriver_35
    • electron-chromedriver_36
    • electron-chromedriver_37
    • electron-chromedriver_38
    • electron-chromedriver_39
    • electron-chromedriver_40
    • xorg.xf86videoopenchrome
    • ocamlPackages.chrome-trace
    • noto-fonts-monochrome-emoji
    • python312Packages.pychromecast
    • python313Packages.pychromecast
    • python314Packages.pychromecast
    • ocamlPackages_latest.chrome-trace
    • python312Packages.undetected-chromedriver
    • python313Packages.undetected-chromedriver
    • python314Packages.undetected-chromedriver
    • grafanaPlugins.ventura-psychrometric-panel
    6 days, 14 hours ago
Use after free in CSS in Google Chrome prior to …

Use after free in CSS in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Affected products

Chrome
  • <145.0.7632.45

Matching in nixpkgs

Package maintainers

Untriaged
Permalink CVE-2026-2323
updated 6 days, 15 hours ago by @LeSuisse Activity log
  • Created automatic suggestion 1 week, 3 days ago
  • @LeSuisse removed
    26 packages
    • noto-fonts-monochrome-emoji
    • python312Packages.pychromecast
    • python313Packages.pychromecast
    • python314Packages.pychromecast
    • ocamlPackages_latest.chrome-trace
    • python312Packages.undetected-chromedriver
    • python313Packages.undetected-chromedriver
    • python314Packages.undetected-chromedriver
    • xorg.xf86videoopenchrome
    • ocamlPackages.chrome-trace
    • grafanaPlugins.ventura-psychrometric-panel
    • electron-chromedriver_40
    • electron-chromedriver_39
    • electron-chromedriver_37
    • electron-chromedriver_36
    • electron-chromedriver_34
    • electron-chromedriver_33
    • electron-chromedriver_35
    • electron-chromedriver_38
    • xf86videoopenchrome
    • go-chromecast
    • chrome-export
    • mkchromecast
    • netflix
    • chrome-token-signing
    • chrome-pak-customizer
    6 days, 15 hours ago
Inappropriate implementation in Downloads in Google Chrome prior to 145.0.7632.45 …

Inappropriate implementation in Downloads in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

Affected products

Chrome
  • <145.0.7632.45

Matching in nixpkgs

Untriaged
Permalink CVE-2026-2317
updated 6 days, 15 hours ago by @LeSuisse Activity log
  • Created automatic suggestion 1 week, 3 days ago
  • @LeSuisse removed
    27 packages
    • grafanaPlugins.ventura-psychrometric-panel
    • python314Packages.undetected-chromedriver
    • python313Packages.undetected-chromedriver
    • python312Packages.undetected-chromedriver
    • ocamlPackages_latest.chrome-trace
    • python314Packages.pychromecast
    • python312Packages.pychromecast
    • noto-fonts-monochrome-emoji
    • ocamlPackages.chrome-trace
    • python313Packages.pychromecast
    • xorg.xf86videoopenchrome
    • electron-chromedriver_40
    • electron-chromedriver_39
    • electron-chromedriver_38
    • electron-chromedriver_37
    • electron-chromedriver_36
    • electron-chromedriver_35
    • electron-chromedriver_34
    • electron-chromedriver_33
    • curl-impersonate-chrome
    • chrome-token-signing
    • chrome-pak-customizer
    • xf86videoopenchrome
    • go-chromecast
    • chrome-export
    • mkchromecast
    • netflix
    6 days, 15 hours ago
Inappropriate implementation in Animation in Google Chrome prior to 145.0.7632.45 …

Inappropriate implementation in Animation in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

Affected products

Chrome
  • <145.0.7632.45

Matching in nixpkgs

Package maintainers