Nixpkgs Security Tracker

Permalink CVE-2022-1306

created 3 weeks, 4 days ago

Inappropriate implementation in compositing in Google Chrome prior to 100.0.4896.88 …

Inappropriate implementation in compositing in Google Chrome prior to 100.0.4896.88 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

References

https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop… x_refsource_MISC
https://crbug.com/1299287 x_refsource_MISC
GLSA-202208-25 vendor-advisory x_refsource_GENTOO
https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop… x_transferred x_refsource_MISC
https://crbug.com/1299287 x_transferred x_refsource_MISC
GLSA-202208-25 vendor-advisory x_refsource_GENTOO x_transferred

Affected products

Chrome

<100.0.4896.88

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small
nixos-25.11 -
- nixos-25.11-small
- nixpkgs-25.11-darwin

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 145.0.7632.75
- nixpkgs-unstable 145.0.7632.75
- nixos-unstable-small 145.0.7632.116
nixos-25.11 145.0.7632.109
- nixos-25.11-small 145.0.7632.109
- nixpkgs-25.11-darwin 145.0.7632.109

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2025-12-21
- nixpkgs-unstable 2025-12-21
- nixos-unstable-small 2025-12-21
nixos-25.11 2022-10-31
- nixos-25.11-small 2022-10-31
- nixpkgs-25.11-darwin 2022-10-31

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2
nixos-25.11 2.0.2
- nixos-25.11-small 2.0.2
- nixpkgs-25.11-darwin 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4
nixos-25.11 0.3.4
- nixos-25.11-small 0.3.4
- nixpkgs-25.11-darwin 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 145.0.7632.75
- nixpkgs-unstable 145.0.7632.75
- nixos-unstable-small 145.0.7632.116
nixos-25.11 145.0.7632.109
- nixos-25.11-small 145.0.7632.109
- nixpkgs-25.11-darwin 145.0.7632.109

pkgs.xf86videoopenchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5
nixos-25.11 1.1.5
- nixos-25.11-small 1.1.5
- nixpkgs-25.11-darwin 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24
nixos-25.11 2.0-unstable-2021-06-24
- nixos-25.11-small 2.0-unstable-2021-06-24
- nixpkgs-25.11-darwin 2.0-unstable-2021-06-24

pkgs.electron-chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.1
- nixpkgs-unstable 38.8.1
- nixos-unstable-small 38.8.1
nixos-25.11 38.8.1
- nixos-25.11-small 38.8.1
- nixpkgs-25.11-darwin 38.8.1

pkgs.xf86-video-openchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.curl-impersonate-chrome

Special build of curl that can impersonate Chrome & Firefox

nixos-25.11 1.2.0
- nixos-25.11-small 1.2.0
- nixpkgs-25.11-darwin 1.2.0

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 145.0.7632.75
- nixpkgs-unstable 145.0.7632.75
- nixos-unstable-small 145.0.7632.116
nixos-25.11 145.0.7632.109
- nixos-25.11-small 145.0.7632.109
- nixpkgs-25.11-darwin 145.0.7632.109

pkgs.electron-chromedriver_33

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_34

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_35

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_36

WebDriver server for running Selenium tests on Chrome

nixos-25.11 36.9.5
- nixos-25.11-small 36.9.5
- nixpkgs-25.11-darwin 36.9.5

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-unstable 37.10.3
- nixpkgs-unstable 37.10.3
- nixos-unstable-small 37.10.3
nixos-25.11 37.10.3
- nixos-25.11-small 37.10.3
- nixpkgs-25.11-darwin 37.10.3

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.1
- nixpkgs-unstable 38.8.1
- nixos-unstable-small 38.8.1
nixos-25.11 38.8.1
- nixos-25.11-small 38.8.1
- nixpkgs-25.11-darwin 38.8.1

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.5.2
- nixpkgs-unstable 39.5.2
- nixos-unstable-small 39.5.2
nixos-25.11 39.5.2
- nixos-25.11-small 39.5.2
- nixpkgs-25.11-darwin 39.5.2

pkgs.electron-chromedriver_40

WebDriver server for running Selenium tests on Chrome

nixos-unstable 40.3.0
- nixpkgs-unstable 40.3.0
- nixos-unstable-small 40.3.0
nixos-25.11 40.3.0
- nixos-25.11-small 40.3.0
- nixpkgs-25.11-darwin 40.3.0

pkgs.xorg.xf86videoopenchrome

None

nixos-25.11 0.6.0
- nixos-25.11-small 0.6.0
- nixpkgs-25.11-darwin 0.6.0

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2
nixos-25.11 3.20.2
- nixos-25.11-small 3.20.2
- nixpkgs-25.11-darwin 3.20.2

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000
nixos-25.11 3.000
- nixos-25.11-small 3.000
- nixpkgs-25.11-darwin 3.000

pkgs.python312Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-25.11 14.0.9
- nixos-25.11-small 14.0.9
- nixpkgs-25.11-darwin 14.0.9

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9
nixos-25.11 14.0.9
- nixos-25.11-small 14.0.9
- nixpkgs-25.11-darwin 14.0.9

pkgs.python314Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.ocamlPackages_latest.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.python312Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-25.11 3.5.5
- nixos-25.11-small 3.5.5
- nixpkgs-25.11-darwin 3.5.5

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5
nixos-25.11 3.5.5
- nixos-25.11-small 3.5.5
- nixpkgs-25.11-darwin 3.5.5

pkgs.python314Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.1.0
- nixpkgs-unstable 5.1.0
- nixos-unstable-small 5.1.0
nixos-25.11 5.0.4
- nixos-25.11-small 5.0.4
- nixpkgs-25.11-darwin 5.0.4

Package maintainers

@bdesham Benjamin Esham <benjamin@esham.io>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@emilylange Emily Lange <nix@emilylange.de>
@networkException networkException <nix@nwex.de>
@GGG-KILLER GGG <gggkiller2@gmail.com>
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@yayayayaka Yaya <github@uwu.is>
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
@johnrtitor Masum Reza <masumrezarock100@gmail.com>
@Shou Benedict Aas <x+g@shou.io>
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
@nicoonoclaste nicoo <nicoo@debian.org>
@abbradar Nikolay Amiantov <ab@fmap.me>
@teutat3s teutat3s <teutates@mailbox.org>
@TomaSajt TomaSajt
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>

Permalink CVE-2026-2792

created 3 weeks, 4 days ago

Memory safety bugs fixed in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148

Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

References

Affected products

Firefox

<148

Firefox ESR

<140.8

Thunderbird

<140.8
<148

Matching in nixpkgs

pkgs.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

nixos-unstable 2.18.0
- nixpkgs-unstable 2.18.0
- nixos-unstable-small 2.18.0
nixos-25.11 2.18.0
- nixos-25.11-small 2.18.0
- nixpkgs-25.11-darwin 2.18.0

pkgs.faust2firefox

The faust2firefox script, part of faust functional programming language for realtime audio signal processing

nixos-unstable 2.83.1
- nixpkgs-unstable 2.83.1
- nixos-unstable-small 2.83.1
nixos-25.11 2.79.3
- nixos-25.11-small 2.79.3
- nixpkgs-25.11-darwin 2.79.3

pkgs.firefox_decrypt

Tool to extract passwords from profiles of Mozilla Firefox and derivates

nixos-unstable 1.1.1
- nixpkgs-unstable 1.1.1
- nixos-unstable-small 1.1.1
nixos-25.11 1.1.1
- nixos-25.11-small 1.1.1
- nixpkgs-25.11-darwin 1.1.1

pkgs.pkgsRocm.firefox

Web browser built from Firefox source tree

nixos-unstable 147.0.4
- nixpkgs-unstable 147.0.4
- nixos-unstable-small 148.0
nixos-25.11 147.0.4
- nixos-25.11-small 147.0.4
- nixpkgs-25.11-darwin 147.0.4

pkgs.firefox-unwrapped

Web browser built from Firefox source tree

nixos-unstable 147.0.4
- nixpkgs-unstable 147.0.4
- nixos-unstable-small 148.0
nixos-25.11 147.0.4
- nixos-25.11-small 147.0.4
- nixpkgs-25.11-darwin 147.0.4

pkgs.firefox-gnome-theme

GNOME theme for Firefox

nixos-unstable 143
- nixpkgs-unstable 143
- nixos-unstable-small 143
nixos-25.11 143
- nixos-25.11-small 143
- nixpkgs-25.11-darwin 143

pkgs.firefox-sync-client

Commandline-utility to list/view/edit/delete entries in a firefox-sync account.

nixos-unstable 1.9.0
- nixpkgs-unstable 1.9.0
- nixos-unstable-small 1.9.0
nixos-25.11 1.9.0
- nixos-25.11-small 1.9.0
- nixpkgs-25.11-darwin 1.9.0

pkgs.pkgsRocm.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

nixos-unstable 2.18.0
- nixpkgs-unstable 2.18.0
- nixos-unstable-small 2.18.0
nixos-25.11 2.18.0
- nixos-25.11-small 2.18.0
- nixpkgs-25.11-darwin 2.18.0

pkgs.pkgsRocm.thunderbird

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.firefox-esr-unwrapped

Web browser built from Firefox source tree

nixos-unstable 140.7.0esr
- nixpkgs-unstable 140.7.0esr
- nixos-unstable-small 140.8.0esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.0esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.pkgsRocm.firefox-beta

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b15
- nixpkgs-unstable 148.0b15
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.thunderbird-unwrapped

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.firefox-beta-unwrapped

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b15
- nixpkgs-unstable 148.0b15
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.pkgsRocm.firefox-mobile

Web browser built from Firefox source tree

nixos-unstable 147.0.4
- nixpkgs-unstable 147.0.4
- nixos-unstable-small 148.0
nixos-25.11 147.0.4
- nixos-25.11-small 147.0.4
- nixpkgs-25.11-darwin 147.0.4

pkgs.firefox-esr-140-unwrapped

Web browser built from Firefox source tree

nixos-unstable 140.7.0esr
- nixpkgs-unstable 140.7.0esr
- nixos-unstable-small 140.8.0esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.0esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.thunderbird-128-unwrapped

Full-featured e-mail client

pkgs.thunderbird-140-unwrapped

Full-featured e-mail client

nixos-unstable 140.7.1esr
- nixpkgs-unstable 140.7.1esr
- nixos-unstable-small 140.7.2esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.1esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.thunderbird-esr-unwrapped

Full-featured e-mail client

nixos-unstable 140.7.1esr
- nixpkgs-unstable 140.7.1esr
- nixos-unstable-small 140.7.2esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.1esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.pkgsRocm.firefox-unwrapped

Web browser built from Firefox source tree

nixos-unstable 147.0.4
- nixpkgs-unstable 147.0.4
- nixos-unstable-small 148.0
nixos-25.11 147.0.4
- nixos-25.11-small 147.0.4
- nixpkgs-25.11-darwin 147.0.4

pkgs.pkgsRocm.firefox-devedition

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.pkgsRocm.thunderbird-latest

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.firefox-devedition-unwrapped

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.thunderbird-latest-unwrapped

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.pkgsRocm.thunderbird-unwrapped

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.pkgsRocm.firefox-beta-unwrapped

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b15
- nixpkgs-unstable 148.0b15
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.thunderbirdPackages.thunderbird

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.gnomeExtensions.firefox-profiles

Easily launch Firefox with your favorite profile right from the indicator menu!

nixos-unstable 5
- nixpkgs-unstable 5
- nixos-unstable-small 5
nixos-25.11 5
- nixos-25.11-small 5
- nixpkgs-25.11-darwin 5

pkgs.roundcubePlugins.thunderbird_labels

None

nixos-unstable 1.6.0
- nixpkgs-unstable 1.6.0
- nixos-unstable-small 1.6.0
nixos-25.11 1.6.0
- nixos-25.11-small 1.6.0
- nixpkgs-25.11-darwin 1.6.0

pkgs.thunderbirdPackages.thunderbird-128

Full-featured e-mail client

pkgs.thunderbirdPackages.thunderbird-140

Full-featured e-mail client

nixos-unstable 140.7.1esr
- nixpkgs-unstable 140.7.1esr
- nixos-unstable-small 140.7.2esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.1esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.thunderbirdPackages.thunderbird-esr

Full-featured e-mail client

nixos-unstable 140.7.1esr
- nixpkgs-unstable 140.7.1esr
- nixos-unstable-small 140.7.2esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.1esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.pkgsRocm.firefox-devedition-unwrapped

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.pkgsRocm.thunderbird-latest-unwrapped

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.thunderbirdPackages.thunderbird-latest

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.pkgsRocm.thunderbirdPackages.thunderbird

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.gnomeExtensions.firefox-pip-always-on-top

Automatically sets Picture-in-Picture windows to always be on top and visible on all workspaces

nixos-unstable 4
- nixpkgs-unstable 4
- nixos-unstable-small 4

pkgs.gnomeExtensions.pip-alwaysontop-for-firefox

Enable Picture-in-Picture(PIP) mode to always be on for Firefox in Gnome.

nixos-unstable 1
- nixpkgs-unstable 1
- nixos-unstable-small 1

pkgs.pkgsRocm.thunderbirdPackages.thunderbird-latest

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.vscode-extensions.firefox-devtools.vscode-firefox-debug

Visual Studio Code extension for debugging web applications and browser extensions in Firefox

nixos-unstable 2.15.0
- nixpkgs-unstable 2.15.0
- nixos-unstable-small 2.15.0
nixos-25.11 2.15.0
- nixos-25.11-small 2.15.0
- nixpkgs-25.11-darwin 2.15.0

Package maintainers

@pmahoney Patrick Mahoney <pat@polycrystal.org>
@magnetophon Bart Brouns <bart@magnetophon.nl>
@jopejoe1 jopejoe1 <nixpkgs@missing.ninja>
@rhendric Ryan Hendrickson
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
@ambroisie Bruno BELANYI <bruno.nixpkgs@belanyi.fr>
@lovesegfault Bernardo Meurer <meurerbernardo@gmail.com>
@schnusch schnusch
@pasqui23 pasqui23 <p3dimaria@hotmail.it>
@camillemndn Camille M. <camillemondon@free.fr>
@honnip Jung seungwoo <me@honnip.page>
@vcunat Vladimír Čunát <v@cunat.cz>
@nbp Nicolas B. Pierron <nixos@nbp.name>
@felschr Felix Schröter <dev@felschr.com>
@nekowinston winston <hey@winston.sh>
@booxter Ihar Hrachyshka <ihar.hrachyshka@gmail.com>

Permalink CVE-2022-1491

created 3 weeks, 4 days ago

Use after free in Bookmarks in Google Chrome prior to …

Use after free in Bookmarks in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction.

References

https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop… x_refsource_MISC
https://crbug.com/1305706 x_refsource_MISC
GLSA-202208-25 vendor-advisory x_refsource_GENTOO
https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop… x_transferred x_refsource_MISC
https://crbug.com/1305706 x_transferred x_refsource_MISC
GLSA-202208-25 vendor-advisory x_refsource_GENTOO x_transferred

Affected products

Chrome

<101.0.4951.41

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small
nixos-25.11 -
- nixos-25.11-small
- nixpkgs-25.11-darwin

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 145.0.7632.75
- nixpkgs-unstable 145.0.7632.75
- nixos-unstable-small 145.0.7632.116
nixos-25.11 145.0.7632.109
- nixos-25.11-small 145.0.7632.109
- nixpkgs-25.11-darwin 145.0.7632.109

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2025-12-21
- nixpkgs-unstable 2025-12-21
- nixos-unstable-small 2025-12-21
nixos-25.11 2022-10-31
- nixos-25.11-small 2022-10-31
- nixpkgs-25.11-darwin 2022-10-31

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2
nixos-25.11 2.0.2
- nixos-25.11-small 2.0.2
- nixpkgs-25.11-darwin 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4
nixos-25.11 0.3.4
- nixos-25.11-small 0.3.4
- nixpkgs-25.11-darwin 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 145.0.7632.75
- nixpkgs-unstable 145.0.7632.75
- nixos-unstable-small 145.0.7632.116
nixos-25.11 145.0.7632.109
- nixos-25.11-small 145.0.7632.109
- nixpkgs-25.11-darwin 145.0.7632.109

pkgs.xf86videoopenchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5
nixos-25.11 1.1.5
- nixos-25.11-small 1.1.5
- nixpkgs-25.11-darwin 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24
nixos-25.11 2.0-unstable-2021-06-24
- nixos-25.11-small 2.0-unstable-2021-06-24
- nixpkgs-25.11-darwin 2.0-unstable-2021-06-24

pkgs.electron-chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.1
- nixpkgs-unstable 38.8.1
- nixos-unstable-small 38.8.1
nixos-25.11 38.8.1
- nixos-25.11-small 38.8.1
- nixpkgs-25.11-darwin 38.8.1

pkgs.xf86-video-openchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.curl-impersonate-chrome

Special build of curl that can impersonate Chrome & Firefox

nixos-25.11 1.2.0
- nixos-25.11-small 1.2.0
- nixpkgs-25.11-darwin 1.2.0

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 145.0.7632.75
- nixpkgs-unstable 145.0.7632.75
- nixos-unstable-small 145.0.7632.116
nixos-25.11 145.0.7632.109
- nixos-25.11-small 145.0.7632.109
- nixpkgs-25.11-darwin 145.0.7632.109

pkgs.electron-chromedriver_33

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_34

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_35

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_36

WebDriver server for running Selenium tests on Chrome

nixos-25.11 36.9.5
- nixos-25.11-small 36.9.5
- nixpkgs-25.11-darwin 36.9.5

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-unstable 37.10.3
- nixpkgs-unstable 37.10.3
- nixos-unstable-small 37.10.3
nixos-25.11 37.10.3
- nixos-25.11-small 37.10.3
- nixpkgs-25.11-darwin 37.10.3

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.1
- nixpkgs-unstable 38.8.1
- nixos-unstable-small 38.8.1
nixos-25.11 38.8.1
- nixos-25.11-small 38.8.1
- nixpkgs-25.11-darwin 38.8.1

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.5.2
- nixpkgs-unstable 39.5.2
- nixos-unstable-small 39.5.2
nixos-25.11 39.5.2
- nixos-25.11-small 39.5.2
- nixpkgs-25.11-darwin 39.5.2

pkgs.electron-chromedriver_40

WebDriver server for running Selenium tests on Chrome

nixos-unstable 40.3.0
- nixpkgs-unstable 40.3.0
- nixos-unstable-small 40.3.0
nixos-25.11 40.3.0
- nixos-25.11-small 40.3.0
- nixpkgs-25.11-darwin 40.3.0

pkgs.xorg.xf86videoopenchrome

None

nixos-25.11 0.6.0
- nixos-25.11-small 0.6.0
- nixpkgs-25.11-darwin 0.6.0

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2
nixos-25.11 3.20.2
- nixos-25.11-small 3.20.2
- nixpkgs-25.11-darwin 3.20.2

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000
nixos-25.11 3.000
- nixos-25.11-small 3.000
- nixpkgs-25.11-darwin 3.000

pkgs.python312Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-25.11 14.0.9
- nixos-25.11-small 14.0.9
- nixpkgs-25.11-darwin 14.0.9

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9
nixos-25.11 14.0.9
- nixos-25.11-small 14.0.9
- nixpkgs-25.11-darwin 14.0.9

pkgs.python314Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.ocamlPackages_latest.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.python312Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-25.11 3.5.5
- nixos-25.11-small 3.5.5
- nixpkgs-25.11-darwin 3.5.5

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5
nixos-25.11 3.5.5
- nixos-25.11-small 3.5.5
- nixpkgs-25.11-darwin 3.5.5

pkgs.python314Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.1.0
- nixpkgs-unstable 5.1.0
- nixos-unstable-small 5.1.0
nixos-25.11 5.0.4
- nixos-25.11-small 5.0.4
- nixpkgs-25.11-darwin 5.0.4

Package maintainers

@bdesham Benjamin Esham <benjamin@esham.io>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@emilylange Emily Lange <nix@emilylange.de>
@networkException networkException <nix@nwex.de>
@GGG-KILLER GGG <gggkiller2@gmail.com>
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@yayayayaka Yaya <github@uwu.is>
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
@johnrtitor Masum Reza <masumrezarock100@gmail.com>
@Shou Benedict Aas <x+g@shou.io>
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
@nicoonoclaste nicoo <nicoo@debian.org>
@abbradar Nikolay Amiantov <ab@fmap.me>
@teutat3s teutat3s <teutates@mailbox.org>
@TomaSajt TomaSajt
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>

Permalink CVE-2022-1496

created 3 weeks, 4 days ago

Use after free in File Manager in Google Chrome prior …

Use after free in File Manager in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific and direct user interaction.

References

https://crbug.com/1306391 x_refsource_MISC
GLSA-202208-25 vendor-advisory x_refsource_GENTOO
https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop… x_refsource_MISC
https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop… x_transferred x_refsource_MISC
https://crbug.com/1306391 x_transferred x_refsource_MISC
GLSA-202208-25 vendor-advisory x_refsource_GENTOO x_transferred

Affected products

Chrome

<101.0.4951.41

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small
nixos-25.11 -
- nixos-25.11-small
- nixpkgs-25.11-darwin

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 145.0.7632.75
- nixpkgs-unstable 145.0.7632.75
- nixos-unstable-small 145.0.7632.116
nixos-25.11 145.0.7632.109
- nixos-25.11-small 145.0.7632.109
- nixpkgs-25.11-darwin 145.0.7632.109

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2025-12-21
- nixpkgs-unstable 2025-12-21
- nixos-unstable-small 2025-12-21
nixos-25.11 2022-10-31
- nixos-25.11-small 2022-10-31
- nixpkgs-25.11-darwin 2022-10-31

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2
nixos-25.11 2.0.2
- nixos-25.11-small 2.0.2
- nixpkgs-25.11-darwin 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4
nixos-25.11 0.3.4
- nixos-25.11-small 0.3.4
- nixpkgs-25.11-darwin 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 145.0.7632.75
- nixpkgs-unstable 145.0.7632.75
- nixos-unstable-small 145.0.7632.116
nixos-25.11 145.0.7632.109
- nixos-25.11-small 145.0.7632.109
- nixpkgs-25.11-darwin 145.0.7632.109

pkgs.xf86videoopenchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5
nixos-25.11 1.1.5
- nixos-25.11-small 1.1.5
- nixpkgs-25.11-darwin 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24
nixos-25.11 2.0-unstable-2021-06-24
- nixos-25.11-small 2.0-unstable-2021-06-24
- nixpkgs-25.11-darwin 2.0-unstable-2021-06-24

pkgs.electron-chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.1
- nixpkgs-unstable 38.8.1
- nixos-unstable-small 38.8.1
nixos-25.11 38.8.1
- nixos-25.11-small 38.8.1
- nixpkgs-25.11-darwin 38.8.1

pkgs.xf86-video-openchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.curl-impersonate-chrome

Special build of curl that can impersonate Chrome & Firefox

nixos-25.11 1.2.0
- nixos-25.11-small 1.2.0
- nixpkgs-25.11-darwin 1.2.0

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 145.0.7632.75
- nixpkgs-unstable 145.0.7632.75
- nixos-unstable-small 145.0.7632.116
nixos-25.11 145.0.7632.109
- nixos-25.11-small 145.0.7632.109
- nixpkgs-25.11-darwin 145.0.7632.109

pkgs.electron-chromedriver_33

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_34

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_35

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_36

WebDriver server for running Selenium tests on Chrome

nixos-25.11 36.9.5
- nixos-25.11-small 36.9.5
- nixpkgs-25.11-darwin 36.9.5

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-unstable 37.10.3
- nixpkgs-unstable 37.10.3
- nixos-unstable-small 37.10.3
nixos-25.11 37.10.3
- nixos-25.11-small 37.10.3
- nixpkgs-25.11-darwin 37.10.3

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.1
- nixpkgs-unstable 38.8.1
- nixos-unstable-small 38.8.1
nixos-25.11 38.8.1
- nixos-25.11-small 38.8.1
- nixpkgs-25.11-darwin 38.8.1

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.5.2
- nixpkgs-unstable 39.5.2
- nixos-unstable-small 39.5.2
nixos-25.11 39.5.2
- nixos-25.11-small 39.5.2
- nixpkgs-25.11-darwin 39.5.2

pkgs.electron-chromedriver_40

WebDriver server for running Selenium tests on Chrome

nixos-unstable 40.3.0
- nixpkgs-unstable 40.3.0
- nixos-unstable-small 40.3.0
nixos-25.11 40.3.0
- nixos-25.11-small 40.3.0
- nixpkgs-25.11-darwin 40.3.0

pkgs.xorg.xf86videoopenchrome

None

nixos-25.11 0.6.0
- nixos-25.11-small 0.6.0
- nixpkgs-25.11-darwin 0.6.0

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2
nixos-25.11 3.20.2
- nixos-25.11-small 3.20.2
- nixpkgs-25.11-darwin 3.20.2

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000
nixos-25.11 3.000
- nixos-25.11-small 3.000
- nixpkgs-25.11-darwin 3.000

pkgs.python312Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-25.11 14.0.9
- nixos-25.11-small 14.0.9
- nixpkgs-25.11-darwin 14.0.9

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9
nixos-25.11 14.0.9
- nixos-25.11-small 14.0.9
- nixpkgs-25.11-darwin 14.0.9

pkgs.python314Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.ocamlPackages_latest.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.python312Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-25.11 3.5.5
- nixos-25.11-small 3.5.5
- nixpkgs-25.11-darwin 3.5.5

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5
nixos-25.11 3.5.5
- nixos-25.11-small 3.5.5
- nixpkgs-25.11-darwin 3.5.5

pkgs.python314Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.1.0
- nixpkgs-unstable 5.1.0
- nixos-unstable-small 5.1.0
nixos-25.11 5.0.4
- nixos-25.11-small 5.0.4
- nixpkgs-25.11-darwin 5.0.4

Package maintainers

@bdesham Benjamin Esham <benjamin@esham.io>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@emilylange Emily Lange <nix@emilylange.de>
@networkException networkException <nix@nwex.de>
@GGG-KILLER GGG <gggkiller2@gmail.com>
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@yayayayaka Yaya <github@uwu.is>
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
@johnrtitor Masum Reza <masumrezarock100@gmail.com>
@Shou Benedict Aas <x+g@shou.io>
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
@nicoonoclaste nicoo <nicoo@debian.org>
@abbradar Nikolay Amiantov <ab@fmap.me>
@teutat3s teutat3s <teutates@mailbox.org>
@TomaSajt TomaSajt
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>

Permalink CVE-2026-2790

created 3 weeks, 4 days ago

Same-origin policy bypass in the Networking: JAR component

Same-origin policy bypass in the Networking: JAR component. This vulnerability affects Firefox < 148, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

References

Affected products

Firefox

<148

Firefox ESR

<140.8

Thunderbird

<140.8
<148

Matching in nixpkgs

pkgs.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

nixos-unstable 2.18.0
- nixpkgs-unstable 2.18.0
- nixos-unstable-small 2.18.0
nixos-25.11 2.18.0
- nixos-25.11-small 2.18.0
- nixpkgs-25.11-darwin 2.18.0

pkgs.faust2firefox

The faust2firefox script, part of faust functional programming language for realtime audio signal processing

nixos-unstable 2.83.1
- nixpkgs-unstable 2.83.1
- nixos-unstable-small 2.83.1
nixos-25.11 2.79.3
- nixos-25.11-small 2.79.3
- nixpkgs-25.11-darwin 2.79.3

pkgs.firefox_decrypt

Tool to extract passwords from profiles of Mozilla Firefox and derivates

nixos-unstable 1.1.1
- nixpkgs-unstable 1.1.1
- nixos-unstable-small 1.1.1
nixos-25.11 1.1.1
- nixos-25.11-small 1.1.1
- nixpkgs-25.11-darwin 1.1.1

pkgs.pkgsRocm.firefox

Web browser built from Firefox source tree

nixos-unstable 147.0.4
- nixpkgs-unstable 147.0.4
- nixos-unstable-small 148.0
nixos-25.11 147.0.4
- nixos-25.11-small 147.0.4
- nixpkgs-25.11-darwin 147.0.4

pkgs.firefox-unwrapped

Web browser built from Firefox source tree

nixos-unstable 147.0.4
- nixpkgs-unstable 147.0.4
- nixos-unstable-small 148.0
nixos-25.11 147.0.4
- nixos-25.11-small 147.0.4
- nixpkgs-25.11-darwin 147.0.4

pkgs.firefox-gnome-theme

GNOME theme for Firefox

nixos-unstable 143
- nixpkgs-unstable 143
- nixos-unstable-small 143
nixos-25.11 143
- nixos-25.11-small 143
- nixpkgs-25.11-darwin 143

pkgs.firefox-sync-client

Commandline-utility to list/view/edit/delete entries in a firefox-sync account.

nixos-unstable 1.9.0
- nixpkgs-unstable 1.9.0
- nixos-unstable-small 1.9.0
nixos-25.11 1.9.0
- nixos-25.11-small 1.9.0
- nixpkgs-25.11-darwin 1.9.0

pkgs.pkgsRocm.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

nixos-unstable 2.18.0
- nixpkgs-unstable 2.18.0
- nixos-unstable-small 2.18.0
nixos-25.11 2.18.0
- nixos-25.11-small 2.18.0
- nixpkgs-25.11-darwin 2.18.0

pkgs.pkgsRocm.thunderbird

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.firefox-esr-unwrapped

Web browser built from Firefox source tree

nixos-unstable 140.7.0esr
- nixpkgs-unstable 140.7.0esr
- nixos-unstable-small 140.8.0esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.0esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.pkgsRocm.firefox-beta

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b15
- nixpkgs-unstable 148.0b15
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.thunderbird-unwrapped

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.firefox-beta-unwrapped

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b15
- nixpkgs-unstable 148.0b15
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.pkgsRocm.firefox-mobile

Web browser built from Firefox source tree

nixos-unstable 147.0.4
- nixpkgs-unstable 147.0.4
- nixos-unstable-small 148.0
nixos-25.11 147.0.4
- nixos-25.11-small 147.0.4
- nixpkgs-25.11-darwin 147.0.4

pkgs.firefox-esr-140-unwrapped

Web browser built from Firefox source tree

nixos-unstable 140.7.0esr
- nixpkgs-unstable 140.7.0esr
- nixos-unstable-small 140.8.0esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.0esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.thunderbird-128-unwrapped

Full-featured e-mail client

pkgs.thunderbird-140-unwrapped

Full-featured e-mail client

nixos-unstable 140.7.1esr
- nixpkgs-unstable 140.7.1esr
- nixos-unstable-small 140.7.2esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.1esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.thunderbird-esr-unwrapped

Full-featured e-mail client

nixos-unstable 140.7.1esr
- nixpkgs-unstable 140.7.1esr
- nixos-unstable-small 140.7.2esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.1esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.pkgsRocm.firefox-unwrapped

Web browser built from Firefox source tree

nixos-unstable 147.0.4
- nixpkgs-unstable 147.0.4
- nixos-unstable-small 148.0
nixos-25.11 147.0.4
- nixos-25.11-small 147.0.4
- nixpkgs-25.11-darwin 147.0.4

pkgs.pkgsRocm.firefox-devedition

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.pkgsRocm.thunderbird-latest

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.firefox-devedition-unwrapped

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.thunderbird-latest-unwrapped

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.pkgsRocm.thunderbird-unwrapped

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.pkgsRocm.firefox-beta-unwrapped

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b15
- nixpkgs-unstable 148.0b15
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.thunderbirdPackages.thunderbird

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.gnomeExtensions.firefox-profiles

Easily launch Firefox with your favorite profile right from the indicator menu!

nixos-unstable 5
- nixpkgs-unstable 5
- nixos-unstable-small 5
nixos-25.11 5
- nixos-25.11-small 5
- nixpkgs-25.11-darwin 5

pkgs.roundcubePlugins.thunderbird_labels

None

nixos-unstable 1.6.0
- nixpkgs-unstable 1.6.0
- nixos-unstable-small 1.6.0
nixos-25.11 1.6.0
- nixos-25.11-small 1.6.0
- nixpkgs-25.11-darwin 1.6.0

pkgs.thunderbirdPackages.thunderbird-128

Full-featured e-mail client

pkgs.thunderbirdPackages.thunderbird-140

Full-featured e-mail client

nixos-unstable 140.7.1esr
- nixpkgs-unstable 140.7.1esr
- nixos-unstable-small 140.7.2esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.1esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.thunderbirdPackages.thunderbird-esr

Full-featured e-mail client

nixos-unstable 140.7.1esr
- nixpkgs-unstable 140.7.1esr
- nixos-unstable-small 140.7.2esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.1esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.pkgsRocm.firefox-devedition-unwrapped

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.pkgsRocm.thunderbird-latest-unwrapped

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.thunderbirdPackages.thunderbird-latest

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.pkgsRocm.thunderbirdPackages.thunderbird

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.gnomeExtensions.firefox-pip-always-on-top

Automatically sets Picture-in-Picture windows to always be on top and visible on all workspaces

nixos-unstable 4
- nixpkgs-unstable 4
- nixos-unstable-small 4

pkgs.gnomeExtensions.pip-alwaysontop-for-firefox

Enable Picture-in-Picture(PIP) mode to always be on for Firefox in Gnome.

nixos-unstable 1
- nixpkgs-unstable 1
- nixos-unstable-small 1

pkgs.pkgsRocm.thunderbirdPackages.thunderbird-latest

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.vscode-extensions.firefox-devtools.vscode-firefox-debug

Visual Studio Code extension for debugging web applications and browser extensions in Firefox

nixos-unstable 2.15.0
- nixpkgs-unstable 2.15.0
- nixos-unstable-small 2.15.0
nixos-25.11 2.15.0
- nixos-25.11-small 2.15.0
- nixpkgs-25.11-darwin 2.15.0

Package maintainers

@pmahoney Patrick Mahoney <pat@polycrystal.org>
@magnetophon Bart Brouns <bart@magnetophon.nl>
@jopejoe1 jopejoe1 <nixpkgs@missing.ninja>
@rhendric Ryan Hendrickson
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
@ambroisie Bruno BELANYI <bruno.nixpkgs@belanyi.fr>
@lovesegfault Bernardo Meurer <meurerbernardo@gmail.com>
@schnusch schnusch
@pasqui23 pasqui23 <p3dimaria@hotmail.it>
@camillemndn Camille M. <camillemondon@free.fr>
@honnip Jung seungwoo <me@honnip.page>
@vcunat Vladimír Čunát <v@cunat.cz>
@nbp Nicolas B. Pierron <nixos@nbp.name>
@felschr Felix Schröter <dev@felschr.com>
@nekowinston winston <hey@winston.sh>
@booxter Ihar Hrachyshka <ihar.hrachyshka@gmail.com>

Permalink CVE-2022-1328

4.3 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): NONE
Availability impact (A): NONE

created 3 weeks, 4 days ago

Buffer Overflow in uudecoder in Mutt affecting all versions starting …

Buffer Overflow in uudecoder in Mutt affecting all versions starting from 0.94.13 before 2.2.3 allows read past end of input line

References

Affected products

Mutt

==>=0.94.13, <2.2.3

Matching in nixpkgs

pkgs.mutt

Small but very powerful text-based mail client

nixos-unstable 2.3.0
- nixpkgs-unstable 2.3.0
- nixos-unstable-small 2.3.0
nixos-25.11 2.2.16
- nixos-25.11-small 2.2.16
- nixpkgs-25.11-darwin 2.2.16

pkgs.mutter

Window manager for GNOME

nixos-unstable 49.4
- nixpkgs-unstable 49.4
- nixos-unstable-small 49.4
nixos-25.11 49.2
- nixos-25.11-small 49.2
- nixpkgs-25.11-darwin 49.2

pkgs.neomutt

Small but very powerful text-based mail client

nixos-unstable 20260105
- nixpkgs-unstable 20260105
- nixos-unstable-small 20260105
nixos-25.11 20250905
- nixos-25.11-small 20250905
- nixpkgs-25.11-darwin 20250905

pkgs.mutt-ics

Tool to show calendar event details in Mutt

nixos-unstable 0.9.2
- nixpkgs-unstable 0.9.2
- nixos-unstable-small 0.9.2
nixos-25.11 0.9.2
- nixos-25.11-small 0.9.2
- nixpkgs-25.11-darwin 0.9.2

pkgs.mutter46

Window manager for GNOME

nixos-25.11 46.8
- nixos-25.11-small 46.8
- nixpkgs-25.11-darwin 46.8

pkgs.mutter48

Window manager for GNOME

nixos-unstable 48.7
- nixpkgs-unstable 48.7
- nixos-unstable-small 48.7

pkgs.mutt-wizard

System for automatically configuring mutt and isync

nixos-unstable 3.3.1
- nixpkgs-unstable 3.3.1
- nixos-unstable-small 3.3.1
nixos-25.11 3.3.1
- nixos-25.11-small 3.3.1
- nixpkgs-25.11-darwin 3.3.1

pkgs.fontmuttmisc

ClearU pcf fonts

nixos-unstable 1.0.4
- nixpkgs-unstable 1.0.4
- nixos-unstable-small 1.0.4

pkgs.notmuch-mutt

Mutt support for notmuch

nixos-unstable 0.40
- nixpkgs-unstable 0.40
- nixos-unstable-small 0.40
nixos-25.11 0.39
- nixos-25.11-small 0.39
- nixpkgs-25.11-darwin 0.39

pkgs.font-mutt-misc

ClearU pcf fonts

nixos-unstable 1.0.4
- nixpkgs-unstable 1.0.4
- nixos-unstable-small 1.0.4
nixos-25.11 1.0.4
- nixos-25.11-small 1.0.4
- nixpkgs-25.11-darwin 1.0.4

pkgs.pantheon.mutter

Window manager for GNOME

nixos-unstable 48.7
- nixpkgs-unstable 48.7
- nixos-unstable-small 48.7
nixos-25.11 46.8
- nixos-25.11-small 46.8
- nixpkgs-25.11-darwin 46.8

pkgs.xorg.fontmuttmisc

None

nixos-25.11 1.0.4
- nixos-25.11-small 1.0.4
- nixpkgs-25.11-darwin 1.0.4

pkgs.vimPlugins.nvim-treesitter-parsers.muttrc

None

nixos-unstable 0.0.0+rev=173b0ab
- nixpkgs-unstable 0.0.0+rev=173b0ab
- nixos-unstable-small 0.0.0+rev=173b0ab
nixos-25.11 -
- nixos-25.11-small
- nixpkgs-25.11-darwin

Package maintainers

@rnhmjoj Michele Guerini Rocco <rnhmjoj@inventati.org>
@mh182 Max Hofer <mh182@chello.at>
@SCOTT-HAMILTON Scott Hamilton <sgn.hamilton@protonmail.com>
@hedning Tor Hedin Brønner <torhedinbronner@gmail.com>
@bobby285271 Bobby Rong <rjl931189261@126.com>
@jtojnar Jan Tojnar <jtojnar@gmail.com>
@dasj19 Daniel Șerbănescu <daniel@serbanescu.dk>
@davidak David Kleuker <post@davidak.de>
@RaitoBezarius Ryan Lahfa <ryan@lahfa.xyz>
@ethancedwards8 Ethan Carter Edwards <ethan@ethancedwards.com>
@erikryb Erik Rybakken <erik.rybakken@math.ntnu.no>
@peterhoeg Peter Hoeg <peter@hoeg.com>

Permalink CVE-2026-2795

created 3 weeks, 4 days ago

Use-after-free in the JavaScript: GC component

Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 148 and Thunderbird < 148.

References

Affected products

Firefox

<148

Thunderbird

<148

Matching in nixpkgs

pkgs.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

nixos-unstable 2.18.0
- nixpkgs-unstable 2.18.0
- nixos-unstable-small 2.18.0
nixos-25.11 2.18.0
- nixos-25.11-small 2.18.0
- nixpkgs-25.11-darwin 2.18.0

pkgs.faust2firefox

The faust2firefox script, part of faust functional programming language for realtime audio signal processing

nixos-unstable 2.83.1
- nixpkgs-unstable 2.83.1
- nixos-unstable-small 2.83.1
nixos-25.11 2.79.3
- nixos-25.11-small 2.79.3
- nixpkgs-25.11-darwin 2.79.3

pkgs.firefox_decrypt

Tool to extract passwords from profiles of Mozilla Firefox and derivates

nixos-unstable 1.1.1
- nixpkgs-unstable 1.1.1
- nixos-unstable-small 1.1.1
nixos-25.11 1.1.1
- nixos-25.11-small 1.1.1
- nixpkgs-25.11-darwin 1.1.1

pkgs.pkgsRocm.firefox

Web browser built from Firefox source tree

nixos-unstable 147.0.4
- nixpkgs-unstable 147.0.4
- nixos-unstable-small 148.0
nixos-25.11 147.0.4
- nixos-25.11-small 147.0.4
- nixpkgs-25.11-darwin 147.0.4

pkgs.firefox-unwrapped

Web browser built from Firefox source tree

nixos-unstable 147.0.4
- nixpkgs-unstable 147.0.4
- nixos-unstable-small 148.0
nixos-25.11 147.0.4
- nixos-25.11-small 147.0.4
- nixpkgs-25.11-darwin 147.0.4

pkgs.firefox-gnome-theme

GNOME theme for Firefox

nixos-unstable 143
- nixpkgs-unstable 143
- nixos-unstable-small 143
nixos-25.11 143
- nixos-25.11-small 143
- nixpkgs-25.11-darwin 143

pkgs.firefox-sync-client

Commandline-utility to list/view/edit/delete entries in a firefox-sync account.

nixos-unstable 1.9.0
- nixpkgs-unstable 1.9.0
- nixos-unstable-small 1.9.0
nixos-25.11 1.9.0
- nixos-25.11-small 1.9.0
- nixpkgs-25.11-darwin 1.9.0

pkgs.pkgsRocm.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

nixos-unstable 2.18.0
- nixpkgs-unstable 2.18.0
- nixos-unstable-small 2.18.0
nixos-25.11 2.18.0
- nixos-25.11-small 2.18.0
- nixpkgs-25.11-darwin 2.18.0

pkgs.pkgsRocm.thunderbird

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.firefox-esr-unwrapped

Web browser built from Firefox source tree

nixos-unstable 140.7.0esr
- nixpkgs-unstable 140.7.0esr
- nixos-unstable-small 140.8.0esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.0esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.pkgsRocm.firefox-beta

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b15
- nixpkgs-unstable 148.0b15
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.thunderbird-unwrapped

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.firefox-beta-unwrapped

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b15
- nixpkgs-unstable 148.0b15
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.pkgsRocm.firefox-mobile

Web browser built from Firefox source tree

nixos-unstable 147.0.4
- nixpkgs-unstable 147.0.4
- nixos-unstable-small 148.0
nixos-25.11 147.0.4
- nixos-25.11-small 147.0.4
- nixpkgs-25.11-darwin 147.0.4

pkgs.firefox-esr-140-unwrapped

Web browser built from Firefox source tree

nixos-unstable 140.7.0esr
- nixpkgs-unstable 140.7.0esr
- nixos-unstable-small 140.8.0esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.0esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.thunderbird-128-unwrapped

Full-featured e-mail client

pkgs.thunderbird-140-unwrapped

Full-featured e-mail client

nixos-unstable 140.7.1esr
- nixpkgs-unstable 140.7.1esr
- nixos-unstable-small 140.7.2esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.1esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.thunderbird-esr-unwrapped

Full-featured e-mail client

nixos-unstable 140.7.1esr
- nixpkgs-unstable 140.7.1esr
- nixos-unstable-small 140.7.2esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.1esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.pkgsRocm.firefox-unwrapped

Web browser built from Firefox source tree

nixos-unstable 147.0.4
- nixpkgs-unstable 147.0.4
- nixos-unstable-small 148.0
nixos-25.11 147.0.4
- nixos-25.11-small 147.0.4
- nixpkgs-25.11-darwin 147.0.4

pkgs.pkgsRocm.firefox-devedition

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.pkgsRocm.thunderbird-latest

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.firefox-devedition-unwrapped

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.thunderbird-latest-unwrapped

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.pkgsRocm.thunderbird-unwrapped

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.pkgsRocm.firefox-beta-unwrapped

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b15
- nixpkgs-unstable 148.0b15
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.thunderbirdPackages.thunderbird

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.gnomeExtensions.firefox-profiles

Easily launch Firefox with your favorite profile right from the indicator menu!

nixos-unstable 5
- nixpkgs-unstable 5
- nixos-unstable-small 5
nixos-25.11 5
- nixos-25.11-small 5
- nixpkgs-25.11-darwin 5

pkgs.roundcubePlugins.thunderbird_labels

None

nixos-unstable 1.6.0
- nixpkgs-unstable 1.6.0
- nixos-unstable-small 1.6.0
nixos-25.11 1.6.0
- nixos-25.11-small 1.6.0
- nixpkgs-25.11-darwin 1.6.0

pkgs.thunderbirdPackages.thunderbird-128

Full-featured e-mail client

pkgs.thunderbirdPackages.thunderbird-140

Full-featured e-mail client

nixos-unstable 140.7.1esr
- nixpkgs-unstable 140.7.1esr
- nixos-unstable-small 140.7.2esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.1esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.thunderbirdPackages.thunderbird-esr

Full-featured e-mail client

nixos-unstable 140.7.1esr
- nixpkgs-unstable 140.7.1esr
- nixos-unstable-small 140.7.2esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.1esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.pkgsRocm.firefox-devedition-unwrapped

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.pkgsRocm.thunderbird-latest-unwrapped

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.thunderbirdPackages.thunderbird-latest

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.pkgsRocm.thunderbirdPackages.thunderbird

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.gnomeExtensions.firefox-pip-always-on-top

Automatically sets Picture-in-Picture windows to always be on top and visible on all workspaces

nixos-unstable 4
- nixpkgs-unstable 4
- nixos-unstable-small 4

pkgs.gnomeExtensions.pip-alwaysontop-for-firefox

Enable Picture-in-Picture(PIP) mode to always be on for Firefox in Gnome.

nixos-unstable 1
- nixpkgs-unstable 1
- nixos-unstable-small 1

pkgs.pkgsRocm.thunderbirdPackages.thunderbird-latest

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.vscode-extensions.firefox-devtools.vscode-firefox-debug

Visual Studio Code extension for debugging web applications and browser extensions in Firefox

nixos-unstable 2.15.0
- nixpkgs-unstable 2.15.0
- nixos-unstable-small 2.15.0
nixos-25.11 2.15.0
- nixos-25.11-small 2.15.0
- nixpkgs-25.11-darwin 2.15.0

Package maintainers

@pmahoney Patrick Mahoney <pat@polycrystal.org>
@magnetophon Bart Brouns <bart@magnetophon.nl>
@jopejoe1 jopejoe1 <nixpkgs@missing.ninja>
@rhendric Ryan Hendrickson
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
@ambroisie Bruno BELANYI <bruno.nixpkgs@belanyi.fr>
@lovesegfault Bernardo Meurer <meurerbernardo@gmail.com>
@schnusch schnusch
@pasqui23 pasqui23 <p3dimaria@hotmail.it>
@camillemndn Camille M. <camillemondon@free.fr>
@honnip Jung seungwoo <me@honnip.page>
@vcunat Vladimír Čunát <v@cunat.cz>
@nbp Nicolas B. Pierron <nixos@nbp.name>
@felschr Felix Schröter <dev@felschr.com>
@nekowinston winston <hey@winston.sh>
@booxter Ihar Hrachyshka <ihar.hrachyshka@gmail.com>

Permalink CVE-2022-1481

created 3 weeks, 4 days ago

Use after free in Sharing in Google Chrome on Mac …

Use after free in Sharing in Google Chrome on Mac prior to 101.0.4951.41 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.

References

https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop… x_refsource_MISC
https://crbug.com/1302949 x_refsource_MISC
GLSA-202208-25 vendor-advisory x_refsource_GENTOO
GLSA-202208-25 vendor-advisory x_refsource_GENTOO x_transferred
https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop… x_transferred x_refsource_MISC
https://crbug.com/1302949 x_transferred x_refsource_MISC

Affected products

Chrome

<101.0.4951.41

Matching in nixpkgs

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small
nixos-25.11 -
- nixos-25.11-small
- nixpkgs-25.11-darwin

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 145.0.7632.75
- nixpkgs-unstable 145.0.7632.75
- nixos-unstable-small 145.0.7632.116
nixos-25.11 145.0.7632.109
- nixos-25.11-small 145.0.7632.109
- nixpkgs-25.11-darwin 145.0.7632.109

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2025-12-21
- nixpkgs-unstable 2025-12-21
- nixos-unstable-small 2025-12-21
nixos-25.11 2022-10-31
- nixos-25.11-small 2022-10-31
- nixpkgs-25.11-darwin 2022-10-31

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2
nixos-25.11 2.0.2
- nixos-25.11-small 2.0.2
- nixpkgs-25.11-darwin 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4
nixos-25.11 0.3.4
- nixos-25.11-small 0.3.4
- nixpkgs-25.11-darwin 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 145.0.7632.75
- nixpkgs-unstable 145.0.7632.75
- nixos-unstable-small 145.0.7632.116
nixos-25.11 145.0.7632.109
- nixos-25.11-small 145.0.7632.109
- nixpkgs-25.11-darwin 145.0.7632.109

pkgs.xf86videoopenchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5
nixos-25.11 1.1.5
- nixos-25.11-small 1.1.5
- nixpkgs-25.11-darwin 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24
nixos-25.11 2.0-unstable-2021-06-24
- nixos-25.11-small 2.0-unstable-2021-06-24
- nixpkgs-25.11-darwin 2.0-unstable-2021-06-24

pkgs.electron-chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.1
- nixpkgs-unstable 38.8.1
- nixos-unstable-small 38.8.1
nixos-25.11 38.8.1
- nixos-25.11-small 38.8.1
- nixpkgs-25.11-darwin 38.8.1

pkgs.xf86-video-openchrome

VIA Technologies UniChrome and Chrome9 IGP video driver for the Xorg X server

nixos-unstable 0.6.225
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225

pkgs.curl-impersonate-chrome

Special build of curl that can impersonate Chrome & Firefox

nixos-25.11 1.2.0
- nixos-25.11-small 1.2.0
- nixpkgs-25.11-darwin 1.2.0

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 145.0.7632.75
- nixpkgs-unstable 145.0.7632.75
- nixos-unstable-small 145.0.7632.116
nixos-25.11 145.0.7632.109
- nixos-25.11-small 145.0.7632.109
- nixpkgs-25.11-darwin 145.0.7632.109

pkgs.electron-chromedriver_33

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_34

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_35

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_36

WebDriver server for running Selenium tests on Chrome

nixos-25.11 36.9.5
- nixos-25.11-small 36.9.5
- nixpkgs-25.11-darwin 36.9.5

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-unstable 37.10.3
- nixpkgs-unstable 37.10.3
- nixos-unstable-small 37.10.3
nixos-25.11 37.10.3
- nixos-25.11-small 37.10.3
- nixpkgs-25.11-darwin 37.10.3

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable 38.8.1
- nixpkgs-unstable 38.8.1
- nixos-unstable-small 38.8.1
nixos-25.11 38.8.1
- nixos-25.11-small 38.8.1
- nixpkgs-25.11-darwin 38.8.1

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable 39.5.2
- nixpkgs-unstable 39.5.2
- nixos-unstable-small 39.5.2
nixos-25.11 39.5.2
- nixos-25.11-small 39.5.2
- nixpkgs-25.11-darwin 39.5.2

pkgs.electron-chromedriver_40

WebDriver server for running Selenium tests on Chrome

nixos-unstable 40.3.0
- nixpkgs-unstable 40.3.0
- nixos-unstable-small 40.3.0
nixos-25.11 40.3.0
- nixos-25.11-small 40.3.0
- nixpkgs-25.11-darwin 40.3.0

pkgs.xorg.xf86videoopenchrome

None

nixos-25.11 0.6.0
- nixos-25.11-small 0.6.0
- nixpkgs-25.11-darwin 0.6.0

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2
nixos-25.11 3.20.2
- nixos-25.11-small 3.20.2
- nixpkgs-25.11-darwin 3.20.2

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000
nixos-25.11 3.000
- nixos-25.11-small 3.000
- nixpkgs-25.11-darwin 3.000

pkgs.python312Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-25.11 14.0.9
- nixos-25.11-small 14.0.9
- nixpkgs-25.11-darwin 14.0.9

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9
nixos-25.11 14.0.9
- nixos-25.11-small 14.0.9
- nixpkgs-25.11-darwin 14.0.9

pkgs.python314Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.9
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.ocamlPackages_latest.chrome-trace

Chrome trace event generation library

nixos-unstable 3.20.2
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.python312Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-25.11 3.5.5
- nixos-25.11-small 3.5.5
- nixpkgs-25.11-darwin 3.5.5

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5
nixos-25.11 3.5.5
- nixos-25.11-small 3.5.5
- nixpkgs-25.11-darwin 3.5.5

pkgs.python314Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.1.0
- nixpkgs-unstable 5.1.0
- nixos-unstable-small 5.1.0
nixos-25.11 5.0.4
- nixos-25.11-small 5.0.4
- nixpkgs-25.11-darwin 5.0.4

Package maintainers

@bdesham Benjamin Esham <benjamin@esham.io>
@UlyssesZh Ulysses Zhan <ulysseszhan@gmail.com>
@mmahut Marek Mahut <marek.mahut@gmail.com>
@emilylange Emily Lange <nix@emilylange.de>
@networkException networkException <nix@nwex.de>
@GGG-KILLER GGG <gggkiller2@gmail.com>
@liam-murphy14 Liam Murphy <liam.murphy137@gmail.com>
@yayayayaka Yaya <github@uwu.is>
@zi3m5f zi3m5f <k7n3o3a6f@mozmail.com>
@johnrtitor Masum Reza <masumrezarock100@gmail.com>
@Shou Benedict Aas <x+g@shou.io>
@roberth Robert Hensing <nixpkgs@roberthensing.nl>
@nicoonoclaste nicoo <nicoo@debian.org>
@abbradar Nikolay Amiantov <ab@fmap.me>
@teutat3s teutat3s <teutates@mailbox.org>
@TomaSajt TomaSajt
@nagisa Simonas Kazlauskas <nixpkgs@kazlauskas.me>

Permalink CVE-2026-2778

created 3 weeks, 4 days ago

Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component

Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability affects Firefox < 148, Firefox ESR < 115.33, Firefox ESR < 140.8, Thunderbird < 148, and Thunderbird < 140.8.

References

Affected products

Firefox

<148

Firefox ESR

<140.8
<115.33

Thunderbird

<140.8
<148

Matching in nixpkgs

pkgs.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

nixos-unstable 2.18.0
- nixpkgs-unstable 2.18.0
- nixos-unstable-small 2.18.0
nixos-25.11 2.18.0
- nixos-25.11-small 2.18.0
- nixpkgs-25.11-darwin 2.18.0

pkgs.faust2firefox

The faust2firefox script, part of faust functional programming language for realtime audio signal processing

nixos-unstable 2.83.1
- nixpkgs-unstable 2.83.1
- nixos-unstable-small 2.83.1
nixos-25.11 2.79.3
- nixos-25.11-small 2.79.3
- nixpkgs-25.11-darwin 2.79.3

pkgs.firefox_decrypt

Tool to extract passwords from profiles of Mozilla Firefox and derivates

nixos-unstable 1.1.1
- nixpkgs-unstable 1.1.1
- nixos-unstable-small 1.1.1
nixos-25.11 1.1.1
- nixos-25.11-small 1.1.1
- nixpkgs-25.11-darwin 1.1.1

pkgs.pkgsRocm.firefox

Web browser built from Firefox source tree

nixos-unstable 147.0.4
- nixpkgs-unstable 147.0.4
- nixos-unstable-small 148.0
nixos-25.11 147.0.4
- nixos-25.11-small 147.0.4
- nixpkgs-25.11-darwin 147.0.4

pkgs.firefox-unwrapped

Web browser built from Firefox source tree

nixos-unstable 147.0.4
- nixpkgs-unstable 147.0.4
- nixos-unstable-small 148.0
nixos-25.11 147.0.4
- nixos-25.11-small 147.0.4
- nixpkgs-25.11-darwin 147.0.4

pkgs.firefox-gnome-theme

GNOME theme for Firefox

nixos-unstable 143
- nixpkgs-unstable 143
- nixos-unstable-small 143
nixos-25.11 143
- nixos-25.11-small 143
- nixpkgs-25.11-darwin 143

pkgs.firefox-sync-client

Commandline-utility to list/view/edit/delete entries in a firefox-sync account.

nixos-unstable 1.9.0
- nixpkgs-unstable 1.9.0
- nixos-unstable-small 1.9.0
nixos-25.11 1.9.0
- nixos-25.11-small 1.9.0
- nixpkgs-25.11-darwin 1.9.0

pkgs.pkgsRocm.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

nixos-unstable 2.18.0
- nixpkgs-unstable 2.18.0
- nixos-unstable-small 2.18.0
nixos-25.11 2.18.0
- nixos-25.11-small 2.18.0
- nixpkgs-25.11-darwin 2.18.0

pkgs.pkgsRocm.thunderbird

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.firefox-esr-unwrapped

Web browser built from Firefox source tree

nixos-unstable 140.7.0esr
- nixpkgs-unstable 140.7.0esr
- nixos-unstable-small 140.8.0esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.0esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.pkgsRocm.firefox-beta

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b15
- nixpkgs-unstable 148.0b15
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.thunderbird-unwrapped

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.firefox-beta-unwrapped

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b15
- nixpkgs-unstable 148.0b15
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.pkgsRocm.firefox-mobile

Web browser built from Firefox source tree

nixos-unstable 147.0.4
- nixpkgs-unstable 147.0.4
- nixos-unstable-small 148.0
nixos-25.11 147.0.4
- nixos-25.11-small 147.0.4
- nixpkgs-25.11-darwin 147.0.4

pkgs.firefox-esr-140-unwrapped

Web browser built from Firefox source tree

nixos-unstable 140.7.0esr
- nixpkgs-unstable 140.7.0esr
- nixos-unstable-small 140.8.0esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.0esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.thunderbird-128-unwrapped

Full-featured e-mail client

pkgs.thunderbird-140-unwrapped

Full-featured e-mail client

nixos-unstable 140.7.1esr
- nixpkgs-unstable 140.7.1esr
- nixos-unstable-small 140.7.2esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.1esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.thunderbird-esr-unwrapped

Full-featured e-mail client

nixos-unstable 140.7.1esr
- nixpkgs-unstable 140.7.1esr
- nixos-unstable-small 140.7.2esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.1esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.pkgsRocm.firefox-unwrapped

Web browser built from Firefox source tree

nixos-unstable 147.0.4
- nixpkgs-unstable 147.0.4
- nixos-unstable-small 148.0
nixos-25.11 147.0.4
- nixos-25.11-small 147.0.4
- nixpkgs-25.11-darwin 147.0.4

pkgs.pkgsRocm.firefox-devedition

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.pkgsRocm.thunderbird-latest

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.firefox-devedition-unwrapped

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.thunderbird-latest-unwrapped

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.pkgsRocm.thunderbird-unwrapped

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.pkgsRocm.firefox-beta-unwrapped

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b15
- nixpkgs-unstable 148.0b15
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.thunderbirdPackages.thunderbird

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.gnomeExtensions.firefox-profiles

Easily launch Firefox with your favorite profile right from the indicator menu!

nixos-unstable 5
- nixpkgs-unstable 5
- nixos-unstable-small 5
nixos-25.11 5
- nixos-25.11-small 5
- nixpkgs-25.11-darwin 5

pkgs.roundcubePlugins.thunderbird_labels

None

nixos-unstable 1.6.0
- nixpkgs-unstable 1.6.0
- nixos-unstable-small 1.6.0
nixos-25.11 1.6.0
- nixos-25.11-small 1.6.0
- nixpkgs-25.11-darwin 1.6.0

pkgs.thunderbirdPackages.thunderbird-128

Full-featured e-mail client

pkgs.thunderbirdPackages.thunderbird-140

Full-featured e-mail client

nixos-unstable 140.7.1esr
- nixpkgs-unstable 140.7.1esr
- nixos-unstable-small 140.7.2esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.1esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.thunderbirdPackages.thunderbird-esr

Full-featured e-mail client

nixos-unstable 140.7.1esr
- nixpkgs-unstable 140.7.1esr
- nixos-unstable-small 140.7.2esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.1esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.pkgsRocm.firefox-devedition-unwrapped

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.pkgsRocm.thunderbird-latest-unwrapped

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.thunderbirdPackages.thunderbird-latest

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.pkgsRocm.thunderbirdPackages.thunderbird

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.gnomeExtensions.firefox-pip-always-on-top

Automatically sets Picture-in-Picture windows to always be on top and visible on all workspaces

nixos-unstable 4
- nixpkgs-unstable 4
- nixos-unstable-small 4

pkgs.gnomeExtensions.pip-alwaysontop-for-firefox

Enable Picture-in-Picture(PIP) mode to always be on for Firefox in Gnome.

nixos-unstable 1
- nixpkgs-unstable 1
- nixos-unstable-small 1

pkgs.pkgsRocm.thunderbirdPackages.thunderbird-latest

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.vscode-extensions.firefox-devtools.vscode-firefox-debug

Visual Studio Code extension for debugging web applications and browser extensions in Firefox

nixos-unstable 2.15.0
- nixpkgs-unstable 2.15.0
- nixos-unstable-small 2.15.0
nixos-25.11 2.15.0
- nixos-25.11-small 2.15.0
- nixpkgs-25.11-darwin 2.15.0

Package maintainers

@pmahoney Patrick Mahoney <pat@polycrystal.org>
@magnetophon Bart Brouns <bart@magnetophon.nl>
@jopejoe1 jopejoe1 <nixpkgs@missing.ninja>
@rhendric Ryan Hendrickson
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
@ambroisie Bruno BELANYI <bruno.nixpkgs@belanyi.fr>
@lovesegfault Bernardo Meurer <meurerbernardo@gmail.com>
@schnusch schnusch
@pasqui23 pasqui23 <p3dimaria@hotmail.it>
@camillemndn Camille M. <camillemondon@free.fr>
@honnip Jung seungwoo <me@honnip.page>
@vcunat Vladimír Čunát <v@cunat.cz>
@nbp Nicolas B. Pierron <nixos@nbp.name>
@felschr Felix Schröter <dev@felschr.com>
@nekowinston winston <hey@winston.sh>
@booxter Ihar Hrachyshka <ihar.hrachyshka@gmail.com>

Permalink CVE-2026-2801

created 3 weeks, 4 days ago

Incorrect boundary conditions in the JavaScript: WebAssembly component

Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148.

References

Affected products

Firefox

<148

Thunderbird

<148

Matching in nixpkgs

pkgs.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

nixos-unstable 2.18.0
- nixpkgs-unstable 2.18.0
- nixos-unstable-small 2.18.0
nixos-25.11 2.18.0
- nixos-25.11-small 2.18.0
- nixpkgs-25.11-darwin 2.18.0

pkgs.faust2firefox

The faust2firefox script, part of faust functional programming language for realtime audio signal processing

nixos-unstable 2.83.1
- nixpkgs-unstable 2.83.1
- nixos-unstable-small 2.83.1
nixos-25.11 2.79.3
- nixos-25.11-small 2.79.3
- nixpkgs-25.11-darwin 2.79.3

pkgs.firefox_decrypt

Tool to extract passwords from profiles of Mozilla Firefox and derivates

nixos-unstable 1.1.1
- nixpkgs-unstable 1.1.1
- nixos-unstable-small 1.1.1
nixos-25.11 1.1.1
- nixos-25.11-small 1.1.1
- nixpkgs-25.11-darwin 1.1.1

pkgs.pkgsRocm.firefox

Web browser built from Firefox source tree

nixos-unstable 147.0.4
- nixpkgs-unstable 147.0.4
- nixos-unstable-small 148.0
nixos-25.11 147.0.4
- nixos-25.11-small 147.0.4
- nixpkgs-25.11-darwin 147.0.4

pkgs.firefox-unwrapped

Web browser built from Firefox source tree

nixos-unstable 147.0.4
- nixpkgs-unstable 147.0.4
- nixos-unstable-small 148.0
nixos-25.11 147.0.4
- nixos-25.11-small 147.0.4
- nixpkgs-25.11-darwin 147.0.4

pkgs.firefox-gnome-theme

GNOME theme for Firefox

nixos-unstable 143
- nixpkgs-unstable 143
- nixos-unstable-small 143
nixos-25.11 143
- nixos-25.11-small 143
- nixpkgs-25.11-darwin 143

pkgs.firefox-sync-client

Commandline-utility to list/view/edit/delete entries in a firefox-sync account.

nixos-unstable 1.9.0
- nixpkgs-unstable 1.9.0
- nixos-unstable-small 1.9.0
nixos-25.11 1.9.0
- nixos-25.11-small 1.9.0
- nixpkgs-25.11-darwin 1.9.0

pkgs.pkgsRocm.firefoxpwa

Tool to install, manage and use Progressive Web Apps (PWAs) in Mozilla Firefox (native component)

nixos-unstable 2.18.0
- nixpkgs-unstable 2.18.0
- nixos-unstable-small 2.18.0
nixos-25.11 2.18.0
- nixos-25.11-small 2.18.0
- nixpkgs-25.11-darwin 2.18.0

pkgs.pkgsRocm.thunderbird

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.firefox-esr-unwrapped

Web browser built from Firefox source tree

nixos-unstable 140.7.0esr
- nixpkgs-unstable 140.7.0esr
- nixos-unstable-small 140.8.0esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.0esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.pkgsRocm.firefox-beta

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b15
- nixpkgs-unstable 148.0b15
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.thunderbird-unwrapped

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.firefox-beta-unwrapped

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b15
- nixpkgs-unstable 148.0b15
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.pkgsRocm.firefox-mobile

Web browser built from Firefox source tree

nixos-unstable 147.0.4
- nixpkgs-unstable 147.0.4
- nixos-unstable-small 148.0
nixos-25.11 147.0.4
- nixos-25.11-small 147.0.4
- nixpkgs-25.11-darwin 147.0.4

pkgs.firefox-esr-140-unwrapped

Web browser built from Firefox source tree

nixos-unstable 140.7.0esr
- nixpkgs-unstable 140.7.0esr
- nixos-unstable-small 140.8.0esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.0esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.thunderbird-128-unwrapped

Full-featured e-mail client

pkgs.thunderbird-140-unwrapped

Full-featured e-mail client

nixos-unstable 140.7.1esr
- nixpkgs-unstable 140.7.1esr
- nixos-unstable-small 140.7.2esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.1esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.thunderbird-esr-unwrapped

Full-featured e-mail client

nixos-unstable 140.7.1esr
- nixpkgs-unstable 140.7.1esr
- nixos-unstable-small 140.7.2esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.1esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.pkgsRocm.firefox-unwrapped

Web browser built from Firefox source tree

nixos-unstable 147.0.4
- nixpkgs-unstable 147.0.4
- nixos-unstable-small 148.0
nixos-25.11 147.0.4
- nixos-25.11-small 147.0.4
- nixpkgs-25.11-darwin 147.0.4

pkgs.pkgsRocm.firefox-devedition

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.pkgsRocm.thunderbird-latest

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.firefox-devedition-unwrapped

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.thunderbird-latest-unwrapped

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.pkgsRocm.thunderbird-unwrapped

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.pkgsRocm.firefox-beta-unwrapped

Web browser built from Firefox Beta Release source tree

nixos-unstable 148.0b15
- nixpkgs-unstable 148.0b15
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.thunderbirdPackages.thunderbird

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.gnomeExtensions.firefox-profiles

Easily launch Firefox with your favorite profile right from the indicator menu!

nixos-unstable 5
- nixpkgs-unstable 5
- nixos-unstable-small 5
nixos-25.11 5
- nixos-25.11-small 5
- nixpkgs-25.11-darwin 5

pkgs.roundcubePlugins.thunderbird_labels

None

nixos-unstable 1.6.0
- nixpkgs-unstable 1.6.0
- nixos-unstable-small 1.6.0
nixos-25.11 1.6.0
- nixos-25.11-small 1.6.0
- nixpkgs-25.11-darwin 1.6.0

pkgs.thunderbirdPackages.thunderbird-128

Full-featured e-mail client

pkgs.thunderbirdPackages.thunderbird-140

Full-featured e-mail client

nixos-unstable 140.7.1esr
- nixpkgs-unstable 140.7.1esr
- nixos-unstable-small 140.7.2esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.1esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.thunderbirdPackages.thunderbird-esr

Full-featured e-mail client

nixos-unstable 140.7.1esr
- nixpkgs-unstable 140.7.1esr
- nixos-unstable-small 140.7.2esr
nixos-25.11 140.7.0esr
- nixos-25.11-small 140.7.1esr
- nixpkgs-25.11-darwin 140.7.0esr

pkgs.pkgsRocm.firefox-devedition-unwrapped

Web browser built from Firefox Developer Edition source tree

nixos-unstable 148.0b14
- nixpkgs-unstable 148.0b14
- nixos-unstable-small 148.0b15
nixos-25.11 148.0b15
- nixos-25.11-small 148.0b15
- nixpkgs-25.11-darwin 148.0b15

pkgs.pkgsRocm.thunderbird-latest-unwrapped

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.thunderbirdPackages.thunderbird-latest

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.pkgsRocm.thunderbirdPackages.thunderbird

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.gnomeExtensions.firefox-pip-always-on-top

Automatically sets Picture-in-Picture windows to always be on top and visible on all workspaces

nixos-unstable 4
- nixpkgs-unstable 4
- nixos-unstable-small 4

pkgs.gnomeExtensions.pip-alwaysontop-for-firefox

Enable Picture-in-Picture(PIP) mode to always be on for Firefox in Gnome.

nixos-unstable 1
- nixpkgs-unstable 1
- nixos-unstable-small 1

pkgs.pkgsRocm.thunderbirdPackages.thunderbird-latest

Full-featured e-mail client

nixos-unstable 147.0.1
- nixpkgs-unstable 147.0.1
- nixos-unstable-small 147.0.2
nixos-25.11 147.0.1
- nixos-25.11-small 147.0.2
- nixpkgs-25.11-darwin 147.0.1

pkgs.vscode-extensions.firefox-devtools.vscode-firefox-debug

Visual Studio Code extension for debugging web applications and browser extensions in Firefox

nixos-unstable 2.15.0
- nixpkgs-unstable 2.15.0
- nixos-unstable-small 2.15.0
nixos-25.11 2.15.0
- nixos-25.11-small 2.15.0
- nixpkgs-25.11-darwin 2.15.0

Package maintainers

@pmahoney Patrick Mahoney <pat@polycrystal.org>
@magnetophon Bart Brouns <bart@magnetophon.nl>
@jopejoe1 jopejoe1 <nixpkgs@missing.ninja>
@rhendric Ryan Hendrickson
@mweinelt Martin Weinelt <hexa@darmstadt.ccc.de>
@ambroisie Bruno BELANYI <bruno.nixpkgs@belanyi.fr>
@lovesegfault Bernardo Meurer <meurerbernardo@gmail.com>
@schnusch schnusch
@pasqui23 pasqui23 <p3dimaria@hotmail.it>
@camillemndn Camille M. <camillemondon@free.fr>
@honnip Jung seungwoo <me@honnip.page>
@vcunat Vladimír Čunát <v@cunat.cz>
@nbp Nicolas B. Pierron <nixos@nbp.name>
@felschr Felix Schröter <dev@felschr.com>
@nekowinston winston <hey@winston.sh>
@booxter Ihar Hrachyshka <ihar.hrachyshka@gmail.com>

Automatically generated suggestions

References

Affected products

Matching in nixpkgs

pkgs.netflix

pkgs.chromedriver

pkgs.mkchromecast

pkgs.chrome-export

pkgs.go-chromecast

pkgs.google-chrome

pkgs.xf86videoopenchrome

pkgs.chrome-token-signing

pkgs.chrome-pak-customizer

pkgs.electron-chromedriver

pkgs.xf86-video-openchrome

pkgs.curl-impersonate-chrome

pkgs.undetected-chromedriver

pkgs.electron-chromedriver_33

pkgs.electron-chromedriver_34

pkgs.electron-chromedriver_35

pkgs.electron-chromedriver_36

pkgs.electron-chromedriver_37

pkgs.electron-chromedriver_38

pkgs.electron-chromedriver_39

pkgs.electron-chromedriver_40

pkgs.xorg.xf86videoopenchrome

pkgs.ocamlPackages.chrome-trace

pkgs.noto-fonts-monochrome-emoji

pkgs.python312Packages.pychromecast

pkgs.python313Packages.pychromecast

pkgs.python314Packages.pychromecast

pkgs.ocamlPackages_latest.chrome-trace

pkgs.python312Packages.undetected-chromedriver

pkgs.python313Packages.undetected-chromedriver

pkgs.python314Packages.undetected-chromedriver

pkgs.grafanaPlugins.ventura-psychrometric-panel

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.firefoxpwa

pkgs.faust2firefox

pkgs.firefox_decrypt

pkgs.pkgsRocm.firefox

pkgs.firefox-unwrapped

pkgs.firefox-gnome-theme

pkgs.firefox-sync-client

pkgs.pkgsRocm.firefoxpwa

pkgs.pkgsRocm.thunderbird

pkgs.firefox-esr-unwrapped

pkgs.pkgsRocm.firefox-beta

pkgs.thunderbird-unwrapped

pkgs.firefox-beta-unwrapped

pkgs.pkgsRocm.firefox-mobile

pkgs.firefox-esr-140-unwrapped

pkgs.thunderbird-128-unwrapped

pkgs.thunderbird-140-unwrapped

pkgs.thunderbird-esr-unwrapped

pkgs.pkgsRocm.firefox-unwrapped

pkgs.pkgsRocm.firefox-devedition

pkgs.pkgsRocm.thunderbird-latest

pkgs.firefox-devedition-unwrapped

pkgs.thunderbird-latest-unwrapped

pkgs.pkgsRocm.thunderbird-unwrapped

pkgs.pkgsRocm.firefox-beta-unwrapped

pkgs.thunderbirdPackages.thunderbird

pkgs.gnomeExtensions.firefox-profiles

pkgs.roundcubePlugins.thunderbird_labels

pkgs.thunderbirdPackages.thunderbird-128

pkgs.thunderbirdPackages.thunderbird-140

pkgs.thunderbirdPackages.thunderbird-esr

pkgs.pkgsRocm.firefox-devedition-unwrapped

pkgs.pkgsRocm.thunderbird-latest-unwrapped

pkgs.thunderbirdPackages.thunderbird-latest

pkgs.pkgsRocm.thunderbirdPackages.thunderbird

pkgs.gnomeExtensions.firefox-pip-always-on-top

pkgs.gnomeExtensions.pip-alwaysontop-for-firefox

pkgs.pkgsRocm.thunderbirdPackages.thunderbird-latest

pkgs.vscode-extensions.firefox-devtools.vscode-firefox-debug

Package maintainers