Nixpkgs Security Tracker

Login with GitHub

Suggestions search

All statuses
Filter by:
With package: undetected-chromedriver

Found 99 matching suggestions

Untriaged
Permalink CVE-2026-2318
updated 6 days, 14 hours ago by @LeSuisse Activity log
  • Created automatic suggestion 1 week, 3 days ago
  • @LeSuisse removed
    27 packages
    • netflix
    • mkchromecast
    • chrome-export
    • go-chromecast
    • xf86videoopenchrome
    • chrome-token-signing
    • chrome-pak-customizer
    • curl-impersonate-chrome
    • electron-chromedriver_33
    • electron-chromedriver_34
    • electron-chromedriver_35
    • electron-chromedriver_36
    • electron-chromedriver_37
    • electron-chromedriver_38
    • electron-chromedriver_39
    • electron-chromedriver_40
    • xorg.xf86videoopenchrome
    • ocamlPackages.chrome-trace
    • noto-fonts-monochrome-emoji
    • python312Packages.pychromecast
    • python313Packages.pychromecast
    • python314Packages.pychromecast
    • ocamlPackages_latest.chrome-trace
    • python312Packages.undetected-chromedriver
    • python313Packages.undetected-chromedriver
    • python314Packages.undetected-chromedriver
    • grafanaPlugins.ventura-psychrometric-panel
    6 days, 14 hours ago
Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 …

Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Affected products

Chrome
  • <145.0.7632.45

Matching in nixpkgs

Package maintainers

Untriaged
Permalink CVE-2026-2322
updated 6 days, 14 hours ago by @LeSuisse Activity log
  • Created automatic suggestion 1 week, 3 days ago
  • @LeSuisse removed
    27 packages
    • netflix
    • mkchromecast
    • chrome-export
    • go-chromecast
    • xf86videoopenchrome
    • chrome-token-signing
    • chrome-pak-customizer
    • curl-impersonate-chrome
    • electron-chromedriver_33
    • electron-chromedriver_34
    • electron-chromedriver_35
    • electron-chromedriver_36
    • electron-chromedriver_37
    • electron-chromedriver_38
    • electron-chromedriver_39
    • electron-chromedriver_40
    • xorg.xf86videoopenchrome
    • ocamlPackages.chrome-trace
    • noto-fonts-monochrome-emoji
    • python312Packages.pychromecast
    • python313Packages.pychromecast
    • python314Packages.pychromecast
    • ocamlPackages_latest.chrome-trace
    • python312Packages.undetected-chromedriver
    • python313Packages.undetected-chromedriver
    • python314Packages.undetected-chromedriver
    • grafanaPlugins.ventura-psychrometric-panel
    6 days, 14 hours ago
Inappropriate implementation in File input in Google Chrome prior to …

Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

Affected products

Chrome
  • <145.0.7632.45

Matching in nixpkgs

Package maintainers

Untriaged
Permalink CVE-2026-2316
updated 6 days, 15 hours ago by @LeSuisse Activity log
  • Created automatic suggestion 1 week, 3 days ago
  • @LeSuisse removed
    27 packages
    • netflix
    • mkchromecast
    • chrome-export
    • go-chromecast
    • xf86videoopenchrome
    • chrome-token-signing
    • chrome-pak-customizer
    • curl-impersonate-chrome
    • electron-chromedriver_33
    • electron-chromedriver_34
    • electron-chromedriver_35
    • electron-chromedriver_36
    • electron-chromedriver_37
    • electron-chromedriver_38
    • electron-chromedriver_39
    • electron-chromedriver_40
    • xorg.xf86videoopenchrome
    • ocamlPackages.chrome-trace
    • noto-fonts-monochrome-emoji
    • python312Packages.pychromecast
    • python313Packages.pychromecast
    • python314Packages.pychromecast
    • ocamlPackages_latest.chrome-trace
    • python312Packages.undetected-chromedriver
    • python313Packages.undetected-chromedriver
    • python314Packages.undetected-chromedriver
    • grafanaPlugins.ventura-psychrometric-panel
    6 days, 15 hours ago
Insufficient policy enforcement in Frames in Google Chrome prior to …

Insufficient policy enforcement in Frames in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Affected products

Chrome
  • <145.0.7632.45

Matching in nixpkgs

Package maintainers

Untriaged
Permalink CVE-2026-2314
updated 6 days, 15 hours ago by @LeSuisse Activity log
  • Created automatic suggestion 1 week, 3 days ago
  • @LeSuisse removed
    27 packages
    • netflix
    • mkchromecast
    • chrome-export
    • go-chromecast
    • xf86videoopenchrome
    • chrome-token-signing
    • chrome-pak-customizer
    • curl-impersonate-chrome
    • electron-chromedriver_33
    • electron-chromedriver_34
    • electron-chromedriver_35
    • electron-chromedriver_36
    • electron-chromedriver_37
    • electron-chromedriver_38
    • electron-chromedriver_39
    • electron-chromedriver_40
    • xorg.xf86videoopenchrome
    • ocamlPackages.chrome-trace
    • noto-fonts-monochrome-emoji
    • python312Packages.pychromecast
    • python313Packages.pychromecast
    • python314Packages.pychromecast
    • ocamlPackages_latest.chrome-trace
    • python312Packages.undetected-chromedriver
    • python313Packages.undetected-chromedriver
    • python314Packages.undetected-chromedriver
    • grafanaPlugins.ventura-psychrometric-panel
    6 days, 15 hours ago
Heap buffer overflow in Codecs in Google Chrome prior to …

Heap buffer overflow in Codecs in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Affected products

Chrome
  • <145.0.7632.45

Matching in nixpkgs

Package maintainers

Untriaged
Permalink CVE-2026-2320
updated 6 days, 15 hours ago by @LeSuisse Activity log
  • Created automatic suggestion 1 week, 3 days ago
  • @LeSuisse removed
    27 packages
    • netflix
    • mkchromecast
    • chrome-export
    • go-chromecast
    • xf86videoopenchrome
    • chrome-token-signing
    • chrome-pak-customizer
    • curl-impersonate-chrome
    • electron-chromedriver_33
    • electron-chromedriver_34
    • electron-chromedriver_35
    • electron-chromedriver_36
    • electron-chromedriver_37
    • electron-chromedriver_38
    • electron-chromedriver_39
    • electron-chromedriver_40
    • xorg.xf86videoopenchrome
    • ocamlPackages.chrome-trace
    • noto-fonts-monochrome-emoji
    • python312Packages.pychromecast
    • python313Packages.pychromecast
    • python314Packages.pychromecast
    • ocamlPackages_latest.chrome-trace
    • python312Packages.undetected-chromedriver
    • python313Packages.undetected-chromedriver
    • python314Packages.undetected-chromedriver
    • grafanaPlugins.ventura-psychrometric-panel
    6 days, 15 hours ago
Inappropriate implementation in File input in Google Chrome prior to …

Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Affected products

Chrome
  • <145.0.7632.45

Matching in nixpkgs

Package maintainers

Untriaged
Permalink CVE-2026-2319
updated 6 days, 14 hours ago by @LeSuisse Activity log
  • Created automatic suggestion 1 week, 3 days ago
  • @LeSuisse removed
    27 packages
    • netflix
    • mkchromecast
    • chrome-export
    • go-chromecast
    • xf86videoopenchrome
    • chrome-token-signing
    • chrome-pak-customizer
    • curl-impersonate-chrome
    • electron-chromedriver_33
    • electron-chromedriver_34
    • electron-chromedriver_35
    • electron-chromedriver_36
    • electron-chromedriver_37
    • electron-chromedriver_38
    • electron-chromedriver_39
    • electron-chromedriver_40
    • xorg.xf86videoopenchrome
    • ocamlPackages.chrome-trace
    • noto-fonts-monochrome-emoji
    • python312Packages.pychromecast
    • python313Packages.pychromecast
    • python314Packages.pychromecast
    • ocamlPackages_latest.chrome-trace
    • python312Packages.undetected-chromedriver
    • python313Packages.undetected-chromedriver
    • python314Packages.undetected-chromedriver
    • grafanaPlugins.ventura-psychrometric-panel
    6 days, 14 hours ago
Race in DevTools in Google Chrome prior to 145.0.7632.45 allowed …

Race in DevTools in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures and install a malicious extension to potentially exploit object corruption via a malicious file. (Chromium security severity: Medium)

Affected products

Chrome
  • <145.0.7632.45

Matching in nixpkgs

Package maintainers

Untriaged
Permalink CVE-2026-2315
updated 6 days, 14 hours ago by @LeSuisse Activity log
  • Created automatic suggestion 1 week, 3 days ago
  • @LeSuisse removed
    27 packages
    • netflix
    • mkchromecast
    • chrome-export
    • go-chromecast
    • xf86videoopenchrome
    • chrome-token-signing
    • chrome-pak-customizer
    • curl-impersonate-chrome
    • electron-chromedriver_33
    • electron-chromedriver_34
    • electron-chromedriver_35
    • electron-chromedriver_36
    • electron-chromedriver_37
    • electron-chromedriver_38
    • electron-chromedriver_39
    • electron-chromedriver_40
    • xorg.xf86videoopenchrome
    • ocamlPackages.chrome-trace
    • noto-fonts-monochrome-emoji
    • python312Packages.pychromecast
    • python313Packages.pychromecast
    • python314Packages.pychromecast
    • ocamlPackages_latest.chrome-trace
    • python312Packages.undetected-chromedriver
    • python313Packages.undetected-chromedriver
    • python314Packages.undetected-chromedriver
    • grafanaPlugins.ventura-psychrometric-panel
    6 days, 14 hours ago
Inappropriate implementation in WebGPU in Google Chrome prior to 145.0.7632.45 …

Inappropriate implementation in WebGPU in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

Affected products

Chrome
  • <145.0.7632.45

Matching in nixpkgs

Package maintainers

Published
Permalink CVE-2026-1862
updated 2 weeks, 2 days ago by @LeSuisse Activity log
  • Created automatic suggestion 2 weeks, 4 days ago
  • @LeSuisse removed
    28 packages
    • electron-chromedriver_40
    • electron-chromedriver_39
    • electron-chromedriver_38
    • electron-chromedriver_37
    • curl-impersonate-chrome
    • electron-chromedriver_33
    • electron-chromedriver_34
    • electron-chromedriver_35
    • electron-chromedriver_36
    • xorg.xf86videoopenchrome
    • ocamlPackages.chrome-trace
    • noto-fonts-monochrome-emoji
    • python312Packages.pychromecast
    • python313Packages.pychromecast
    • python314Packages.pychromecast
    • ocamlPackages_latest.chrome-trace
    • python312Packages.undetected-chromedriver
    • python313Packages.undetected-chromedriver
    • python314Packages.undetected-chromedriver
    • grafanaPlugins.ventura-psychrometric-panel
    • go-chromecast
    • chromedriver
    • mkchromecast
    • netflix
    • chrome-export
    • chrome-token-signing
    • xf86videoopenchrome
    • chrome-pak-customizer
    2 weeks, 2 days ago
  • @LeSuisse accepted 2 weeks, 2 days ago
  • @LeSuisse published on GitHub 2 weeks, 2 days ago
Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 …

Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Affected products

Chrome
  • <144.0.7559.132

Matching in nixpkgs

Package maintainers

https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop.html
Published
Permalink CVE-2026-1861
updated 2 weeks, 2 days ago by @LeSuisse Activity log
  • Created automatic suggestion 2 weeks, 4 days ago
  • @LeSuisse removed
    28 packages
    • chromedriver
    • netflix
    • mkchromecast
    • chrome-export
    • go-chromecast
    • xf86videoopenchrome
    • chrome-token-signing
    • chrome-pak-customizer
    • curl-impersonate-chrome
    • electron-chromedriver_33
    • electron-chromedriver_34
    • electron-chromedriver_35
    • electron-chromedriver_36
    • electron-chromedriver_37
    • electron-chromedriver_38
    • electron-chromedriver_39
    • electron-chromedriver_40
    • xorg.xf86videoopenchrome
    • ocamlPackages.chrome-trace
    • noto-fonts-monochrome-emoji
    • python312Packages.pychromecast
    • python313Packages.pychromecast
    • python314Packages.pychromecast
    • ocamlPackages_latest.chrome-trace
    • python312Packages.undetected-chromedriver
    • python313Packages.undetected-chromedriver
    • python314Packages.undetected-chromedriver
    • grafanaPlugins.ventura-psychrometric-panel
    2 weeks, 2 days ago
  • @LeSuisse accepted 2 weeks, 2 days ago
  • @LeSuisse published on GitHub 2 weeks, 2 days ago
Heap buffer overflow in libvpx in Google Chrome prior to …

Heap buffer overflow in libvpx in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Affected products

Chrome
  • <144.0.7559.132

Matching in nixpkgs

Package maintainers

https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop.html
Untriaged
Permalink CVE-2026-1504
created 3 weeks, 4 days ago
Inappropriate implementation in Background Fetch API in Google Chrome prior …

Inappropriate implementation in Background Fetch API in Google Chrome prior to 144.0.7559.110 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

Affected products

Chrome
  • <144.0.7559.110

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

  • nixos-unstable -
    • nixpkgs-unstable
    • nixos-unstable-small