CVE-2023-43090
MEDIUMGNOME Shell 43-43.9 - Unauthenticated Information Disclosure via Lock Screen Screenshot Tool
Title source: llmDescription
A vulnerability was found in GNOME Shell. GNOME Shell's lock screen allows an unauthenticated local user to view windows of the locked desktop session by using keyboard shortcuts to unlock the restricted functionality of the screenshot tool.
References (4)
Core 4
Core References
Exploit, Issue Tracking, Patch, Vendor Advisory
https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/6990
Patch, Vendor Advisory
https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/2944
Third Party Advisory vdb-entry
x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2023-43090
Issue Tracking, Third Party Advisory issue-tracking
x_refsource_redhat
https://bugzilla.redhat.com/show_bug.cgi?id=2239087
Scores
CVSS v3
5.5
EPSS
0.0009
EPSS Percentile
25.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-862
Status
published
Products (4)
fedoraproject/fedora
37
fedoraproject/fedora
38
gnome/gnome-shell
42
gnome/gnome-shell
43 - 43.9
Published
Sep 22, 2023
Tracked Since
Feb 18, 2026