CVE-2023-43090
gnome-shell - security update
5.5
MEDIUM
CVSS 3.1
EPSS 0.09%
Description
A vulnerability was found in GNOME Shell. GNOME Shell's lock screen allows an unauthenticated local user to view windows of the locked desktop session by using keyboard shortcuts to unlock the restricted functionality of the screenshot tool.
How to fix CVE-2023-43090
To remediate CVE-2023-43090, upgrade the affected package to a fixed version below.
- Debian/gnome-shell—upgrade to 43.6-1~deb12u2 or later
- —upgrade to 43.6-1~deb12u2 or later
Is CVE-2023-43090 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 43.6-1~deb12u2
- from 0, < 43.6-1~deb12u2
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM5.5 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |