Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged

Permalink CVE-2026-2320

6.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): HIGH
Availability impact (A): NONE

updated 2 months ago by @fricklerhandwerk Activity log

Created automatic suggestion 2 months ago
@fricklerhandwerk ignored
25 packages
- grafanaPlugins.ventura-psychrometric-panel
- ocamlPackages_latest.chrome-trace
- python314Packages.pychromecast
- python313Packages.pychromecast
- python312Packages.pychromecast
- noto-fonts-monochrome-emoji
- ocamlPackages.chrome-trace
- xorg.xf86videoopenchrome
- electron-chromedriver_40
- electron-chromedriver_39
- electron-chromedriver_38
- electron-chromedriver_37
- electron-chromedriver_36
- electron-chromedriver_35
- electron-chromedriver_34
- electron-chromedriver_33
- curl-impersonate-chrome
- chrome-pak-customizer
- chrome-token-signing
- google-chrome
- go-chromecast
- chrome-export
- mkchromecast
- chromedriver
- netflix
2 months ago

Inappropriate implementation in File input in Google Chrome prior to …

Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

References

Affected products

Chrome

<145.0.7632.45

Matching in nixpkgs

pkgs.undetected-chromedriver

Custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 139.0.7258.66
- nixpkgs-unstable 144.0.7559.109
- nixos-unstable-small 144.0.7559.109
nixos-25.11 143.0.7499.169
- nixpkgs-25.11-darwin 143.0.7499.169

pkgs.python312Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
nixos-25.11 3.5.5
- nixpkgs-25.11-darwin 3.5.5

pkgs.python313Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable 3.5.5
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5
nixos-25.11 3.5.5
- nixpkgs-25.11-darwin 3.5.5

pkgs.python314Packages.undetected-chromedriver

Python library for the custom Selenium ChromeDriver that passes all bot mitigation systems

nixos-unstable -
- nixpkgs-unstable 3.5.5
- nixos-unstable-small 3.5.5

Ignored packages (25)

pkgs.netflix

Open Netflix in Google Chrome app mode

nixos-unstable -
- nixpkgs-unstable
- nixos-unstable-small
nixos-25.11 -
- nixpkgs-25.11-darwin

pkgs.chromedriver

WebDriver server for running Selenium tests on Chrome

nixos-unstable 139.0.7258.66
- nixpkgs-unstable 144.0.7559.109
- nixos-unstable-small 144.0.7559.109
nixos-25.11 143.0.7499.169
- nixpkgs-25.11-darwin 143.0.7499.169

pkgs.mkchromecast

Cast macOS and Linux Audio/Video to your Google Cast and Sonos Devices

nixos-unstable 2022-10-31
- nixpkgs-unstable 2025-12-21
- nixos-unstable-small 2025-12-21
nixos-25.11 2022-10-31
- nixpkgs-25.11-darwin 2022-10-31

pkgs.chrome-export

Scripts to save Google Chrome's bookmarks and history as HTML bookmarks files

nixos-unstable 2.0.2
- nixpkgs-unstable 2.0.2
- nixos-unstable-small 2.0.2
nixos-25.11 2.0.2
- nixpkgs-25.11-darwin 2.0.2

pkgs.go-chromecast

CLI for Google Chromecast, Home devices and Cast Groups

nixos-unstable 0.3.4
- nixpkgs-unstable 0.3.4
- nixos-unstable-small 0.3.4
nixos-25.11 0.3.4
- nixpkgs-25.11-darwin 0.3.4

pkgs.google-chrome

Freeware web browser developed by Google

nixos-unstable 138.0.7204.183
- nixpkgs-unstable 144.0.7559.109
- nixos-unstable-small 144.0.7559.109
nixos-25.11 143.0.7499.169
- nixpkgs-25.11-darwin 143.0.7499.169

pkgs.chrome-token-signing

Chrome and Firefox extension for signing with your eID on the web

nixos-unstable 1.1.5
- nixpkgs-unstable 1.1.5
- nixos-unstable-small 1.1.5
nixos-25.11 1.1.5
- nixpkgs-25.11-darwin 1.1.5

pkgs.chrome-pak-customizer

Simple batch tool to customize pak files in chrome or chromium-based browser

nixos-unstable 2.0-unstable-2021-06-24
- nixpkgs-unstable 2.0-unstable-2021-06-24
- nixos-unstable-small 2.0-unstable-2021-06-24
nixos-25.11 2.0-unstable-2021-06-24
- nixpkgs-25.11-darwin 2.0-unstable-2021-06-24

pkgs.curl-impersonate-chrome

Special build of curl that can impersonate Chrome & Firefox

nixos-unstable 0.8.0
nixos-25.11 1.2.0
- nixpkgs-25.11-darwin 1.2.0

pkgs.electron-chromedriver_33

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_34

WebDriver server for running Selenium tests on Chrome

pkgs.electron-chromedriver_35

WebDriver server for running Selenium tests on Chrome

nixos-unstable 35.7.4

pkgs.electron-chromedriver_36

WebDriver server for running Selenium tests on Chrome

nixos-unstable 36.7.3
- nixpkgs-unstable 36.9.5
- nixos-unstable-small 36.9.5
nixos-25.11 36.9.5
- nixpkgs-25.11-darwin 36.9.5

pkgs.electron-chromedriver_37

WebDriver server for running Selenium tests on Chrome

nixos-unstable 37.2.6
- nixpkgs-unstable 37.10.3
- nixos-unstable-small 37.10.3
nixos-25.11 37.10.2
- nixpkgs-25.11-darwin 37.10.2

pkgs.electron-chromedriver_38

WebDriver server for running Selenium tests on Chrome

nixos-unstable -
- nixpkgs-unstable 38.8.0
- nixos-unstable-small 38.8.0
nixos-25.11 38.7.1
- nixpkgs-25.11-darwin 38.7.1

pkgs.electron-chromedriver_39

WebDriver server for running Selenium tests on Chrome

nixos-unstable -
- nixpkgs-unstable 39.4.0
- nixos-unstable-small 39.4.0
nixos-25.11 39.2.3
- nixpkgs-25.11-darwin 39.2.3

pkgs.electron-chromedriver_40

WebDriver server for running Selenium tests on Chrome

nixos-unstable -
- nixpkgs-unstable 40.1.0
- nixos-unstable-small 40.1.0

pkgs.xorg.xf86videoopenchrome

None

nixos-unstable 0.6.0
- nixpkgs-unstable 0.6.225
- nixos-unstable-small 0.6.225
nixos-25.11 0.6.0
- nixpkgs-25.11-darwin 0.6.0

pkgs.ocamlPackages.chrome-trace

Chrome trace event generation library

nixos-unstable -
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2
nixos-25.11 3.20.2
- nixpkgs-25.11-darwin 3.20.2

pkgs.noto-fonts-monochrome-emoji

Monochrome emoji font

nixos-unstable 3.000
- nixpkgs-unstable 3.000
- nixos-unstable-small 3.000
nixos-25.11 3.000
- nixpkgs-25.11-darwin 3.000

pkgs.python312Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.7
nixos-25.11 14.0.9
- nixpkgs-25.11-darwin 14.0.9

pkgs.python313Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable 14.0.7
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9
nixos-25.11 14.0.9
- nixpkgs-25.11-darwin 14.0.9

pkgs.python314Packages.pychromecast

Library for Python to communicate with the Google Chromecast

nixos-unstable -
- nixpkgs-unstable 14.0.9
- nixos-unstable-small 14.0.9

pkgs.ocamlPackages_latest.chrome-trace

Chrome trace event generation library

nixos-unstable -
- nixpkgs-unstable 3.20.2
- nixos-unstable-small 3.20.2

pkgs.grafanaPlugins.ventura-psychrometric-panel

Grafana plugin to display air conditions on a psychrometric chart

nixos-unstable 5.0.1
- nixpkgs-unstable 5.1.0
- nixos-unstable-small 5.1.0
nixos-25.11 5.0.4
- nixpkgs-25.11-darwin 5.0.4