{"api_version":"1","generated_at":"2026-04-20T04:40:58+00:00","cve":"CVE-2023-43090","urls":{"html":"https://cve.report/CVE-2023-43090","api":"https://cve.report/api/cve/CVE-2023-43090.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-43090","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-43090"},"summary":{"title":"CVE-2023-43090","description":"A vulnerability was found in GNOME Shell. GNOME Shell's lock screen allows an unauthenticated local user to view windows of the locked desktop session by using keyboard shortcuts to unlock the restricted functionality of the screenshot tool.","state":"PUBLIC","assigner":"patrick@puiterwijk.org","published_at":"2023-09-22 06:15:00","updated_at":"2023-09-26 13:10:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/6990","name":"https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/6990","refsource":"MISC","tags":[],"title":"(CVE-2023-43090) Screenshot tool allows viewing open windows when session is locked (#6990) · Issues · GNOME / gnome-shell · GitLab","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/security/cve/CVE-2023-43090","name":"https://access.redhat.com/security/cve/CVE-2023-43090","refsource":"MISC","tags":[],"title":"cve-details","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/2944","name":"https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/2944","refsource":"MISC","tags":[],"title":"screenshot: Some fixes to shortcut handling (!2944) · Merge requests · GNOME / gnome-shell · GitLab","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2239087","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2239087","refsource":"MISC","tags":[],"title":"2239087 – (CVE-2023-43090) CVE-2023-43090 gnome-shell: Screenshot tool allows viewing open windows when session is locked","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-43090","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-43090","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"43090","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"37","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"43090","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"38","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"43090","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"gnome-shell","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"43090","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"gnome","cpe5":"gnome-shell","cpe6":"42","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-43090","qid":"199779","title":"Ubuntu Security Notification for GNOME Shell Vulnerability (USN-6395-1)"},{"cve":"CVE-2023-43090","qid":"6000176","title":"Debian Security Update for gnome-shell (DSA 5501-1)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-43090","ASSIGNER":"patrick@puiterwijk.org","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A vulnerability was found in GNOME Shell. GNOME Shell's lock screen allows an unauthenticated local user to view windows of the locked desktop session by using keyboard shortcuts to unlock the restricted functionality of the screenshot tool."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"gnome-shell","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"version":"44.5","status":"unaffected"},{"version":"43.9","status":"unaffected"}]}}]}}]}},{"vendor_name":"Red Hat","product":{"product_data":[{"product_name":"Red Hat Enterprise Linux 7","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unaffected"}}]}},{"product_name":"Red Hat Enterprise Linux 8","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unaffected"}}]}},{"product_name":"Red Hat Enterprise Linux 9","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"unaffected"}}]}}]}},{"vendor_name":"Fedora","product":{"product_data":[{"product_name":"Fedora 37","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}}]}},{"product_name":"Fedora 38","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"defaultStatus":"affected"}}]}}]}}]}},"references":{"reference_data":[{"url":"https://access.redhat.com/security/cve/CVE-2023-43090","refsource":"MISC","name":"https://access.redhat.com/security/cve/CVE-2023-43090"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2239087","refsource":"MISC","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2239087"},{"url":"https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/6990","refsource":"MISC","name":"https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/6990"},{"url":"https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/2944","refsource":"MISC","name":"https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/2944"}]},"credits":[{"lang":"en","value":"Red Hat would like to thank Mickael Karatekin (SysDream) for reporting this issue."}],"impact":{"cvss":[{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":5.5,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","version":"3.1"}]}},"nvd":{"publishedDate":"2023-09-22 06:15:00","lastModifiedDate":"2023-09-26 13:10:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.8,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:gnome:gnome-shell:*:*:*:*:*:*:*:*","versionStartIncluding":"44","versionEndExcluding":"44.5","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:gnome:gnome-shell:*:*:*:*:*:*:*:*","versionStartIncluding":"43","versionEndExcluding":"43.9","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:gnome:gnome-shell:42:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}