CVE-2014-1949
EPSS 0.04%
Description
GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate attackers to bypass the lock screen by pressing the menu button.
How to fix CVE-2014-1949
To remediate CVE-2014-1949, upgrade the affected package to a fixed version below.
- Debian/cinnamon—upgrade to 2.2.14-1 or later
- Debian/gtk+3.0—upgrade to 3.11.8-1 or later
Is CVE-2014-1949 being exploited?
Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 2.2.14-1
- from 0, < 3.11.8-1