Known Vulnerabilities for Gnome-shell by Gnome
Listed below are 10 of the newest known vulnerabilities associated with "Gnome-shell" by "Gnome".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-20315 | A locking protection bypass flaw was found in some versions of gnome-shell as shipped within CentOS Stream 8, when the "Appli... | 6.1 - MEDIUM | 2022-02-18 | 2022-12-03 |
| CVE-2021-3982 | Linux distributions using CAP_SYS_NICE for gnome-shell may be exposed to a privilege escalation issue. An attacker, with low ... | 5.5 - MEDIUM | 2022-04-29 | 2023-02-03 |
| CVE-2020-17489 | An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging out of an account, the pa... | 4.3 - MEDIUM | 2020-08-11 | 2021-03-26 |
| CVE-2019-3820 | It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An... | 4.3 - MEDIUM | 2019-02-06 | 2021-09-29 |
| CVE-2017-8288 | gnome-shell 3.22 through 3.24.1 mishandles extensions that fail to reload, which can lead to leaving extensions enabled in th... | 8.1 - HIGH | 2017-04-27 | 2017-05-10 |
| CVE-2014-7300 | GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of al... | 7.2 - HIGH | 2014-12-25 | 2016-08-31 |
| CVE-2013-7221 | The automatic screen lock functionality in GNOME Shell (aka gnome-shell) before 3.10 does not prevent access to the "Enter a ... | 4.6 - MEDIUM | 2014-04-29 | 2014-04-29 |
| CVE-2013-7220 | js/ui/screenShield.js in GNOME Shell (aka gnome-shell) before 3.8 allows physically proximate attackers to execute arbitrary ... | 4.6 - MEDIUM | 2014-04-29 | 2014-04-29 |
| CVE-2012-4427 | The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force the download and installation of arbitrary extensions ... | 6.8 - MEDIUM | 2012-10-01 | 2012-10-02 |
| CVE-2010-4000 | gnome-shell in GNOME Shell 2.31.5 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gai... | 6.9 - MEDIUM | 2010-11-06 | 2010-11-08 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Gnome | Gnome-shell | 3.9.92 | All | All | All |
| Application | Gnome | Gnome-shell | 3.9.91 | All | All | All |
| Application | Gnome | Gnome-shell | 3.9.90 | All | All | All |
| Application | Gnome | Gnome-shell | 3.9.5 | All | All | All |
| Application | Gnome | Gnome-shell | 3.9.4 | All | All | All |
| Application | Gnome | Gnome-shell | 3.9.3 | All | All | All |
| Application | Gnome | Gnome-shell | 3.9.2 | All | All | All |
| Application | Gnome | Gnome-shell | 3.9.1 | All | All | All |
| Application | Gnome | Gnome-shell | 3.8.4 | All | All | All |
| Application | Gnome | Gnome-shell | 3.8.3 | All | All | All |
| Application | Gnome | Gnome-shell | 3.8.2 | All | All | All |
| Application | Gnome | Gnome-shell | 3.8.1 | All | All | All |
| Application | Gnome | Gnome-shell | 3.8.0.1 | All | All | All |
| Application | Gnome | Gnome-shell | 3.8.0 | All | All | All |
| Application | Gnome | Gnome-shell | 3.7.92 | All | All | All |
| Application | Gnome | Gnome-shell | 3.7.91 | All | All | All |
| Application | Gnome | Gnome-shell | 3.7.90 | All | All | All |
| Application | Gnome | Gnome-shell | 3.7.5 | All | All | All |
| Application | Gnome | Gnome-shell | 3.7.4.1 | All | All | All |
| Application | Gnome | Gnome-shell | 3.7.4 | All | All | All |