Search for packages
Package details: pkg:deb/debian/gnome-shell@3.22.3-3
purl pkg:deb/debian/gnome-shell@3.22.3-3
Next non-vulnerable version 48.2-3
Latest non-vulnerable version 48.2-3
Risk 4.0
Vulnerabilities affecting this package (3)
Vulnerability Summary Fixed by
VCID-35uj-bty2-aaac
Aliases:
CVE-2020-17489
An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging out of an account, the password box from the login dialog reappears with the password still visible. If the user had decided to have the password shown in cleartext at login time, it is then visible for a brief moment upon a logout. (If the password were never shown in cleartext, only the password length is revealed.)
3.30.2-11~deb10u2
Affected by 3 other vulnerabilities.
3.38.6-1~deb11u2
Affected by 1 other vulnerability.
VCID-9s2f-7kdf-aaam
Aliases:
CVE-2012-4427
The gnome-shell plugin 3.4.1 in GNOME allows remote attackers to force the download and installation of arbitrary extensions from extensions.gnome.org via a crafted web page.
3.38.6-1~deb11u1
Affected by 1 other vulnerability.
3.38.6-1~deb11u2
Affected by 1 other vulnerability.
VCID-dmp9-4dsk-aaaa
Aliases:
CVE-2019-3820
It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.
3.30.2-11~deb10u2
Affected by 3 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-h27m-268d-aaas gnome-shell 3.22 through 3.24.1 mishandles extensions that fail to reload, which can lead to leaving extensions enabled in the lock screen. With these extensions, a bystander could launch applications (but not interact with them), see information from the extensions (e.g., what applications you have opened or what music you were playing), or even execute arbitrary commands. It all depends on what extensions a user has enabled. The problem is caused by lack of exception handling in js/ui/extensionSystem.js. CVE-2017-8288

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T18:58:13.740391+00:00 Debian Importer Affected by VCID-9s2f-7kdf-aaam None 36.1.3
2025-06-21T18:12:47.697716+00:00 Debian Oval Importer Affected by VCID-9s2f-7kdf-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T17:57:17.673069+00:00 Debian Oval Importer Fixing VCID-h27m-268d-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T17:44:17.550212+00:00 Debian Oval Importer Affected by VCID-35uj-bty2-aaac https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T15:54:15.415220+00:00 Debian Oval Importer Affected by VCID-dmp9-4dsk-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T01:51:39.175710+00:00 Debian Oval Importer Affected by VCID-9s2f-7kdf-aaam None 36.1.3
2025-06-21T01:18:31.945445+00:00 Debian Oval Importer Affected by VCID-35uj-bty2-aaac None 36.1.3
2025-06-21T01:07:26.336850+00:00 Debian Oval Importer Affected by VCID-dmp9-4dsk-aaaa None 36.1.3
2025-06-20T21:51:02.339652+00:00 Debian Oval Importer Fixing VCID-h27m-268d-aaas None 36.1.3
2025-06-08T13:09:41.576540+00:00 Debian Oval Importer Affected by VCID-35uj-bty2-aaac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T10:44:05.914847+00:00 Debian Oval Importer Affected by VCID-9s2f-7kdf-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T10:28:59.018347+00:00 Debian Oval Importer Fixing VCID-h27m-268d-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T10:17:23.669443+00:00 Debian Oval Importer Affected by VCID-35uj-bty2-aaac https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T08:47:31.445102+00:00 Debian Oval Importer Affected by VCID-dmp9-4dsk-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-07T19:14:59.551460+00:00 Debian Oval Importer Affected by VCID-9s2f-7kdf-aaam None 36.1.0
2025-06-07T18:41:16.511582+00:00 Debian Oval Importer Affected by VCID-35uj-bty2-aaac None 36.1.0
2025-06-07T18:30:02.454269+00:00 Debian Oval Importer Affected by VCID-dmp9-4dsk-aaaa None 36.1.0
2025-06-07T15:14:15.461399+00:00 Debian Oval Importer Fixing VCID-h27m-268d-aaas None 36.1.0
2025-04-12T21:34:05.021603+00:00 Debian Oval Importer Fixing VCID-h27m-268d-aaas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:39:57.811024+00:00 Debian Oval Importer Affected by VCID-dmp9-4dsk-aaaa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:57:22.490048+00:00 Debian Oval Importer Affected by VCID-35uj-bty2-aaac https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:26:01.707562+00:00 Debian Oval Importer Affected by VCID-9s2f-7kdf-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:10:14.410141+00:00 Debian Oval Importer Fixing VCID-h27m-268d-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-12T15:58:15.431093+00:00 Debian Oval Importer Affected by VCID-35uj-bty2-aaac https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T07:19:06.372448+00:00 Debian Oval Importer Affected by VCID-dmp9-4dsk-aaaa https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-07T17:52:47.784388+00:00 Debian Oval Importer Affected by VCID-9s2f-7kdf-aaam None 36.0.0
2025-04-07T17:19:05.054316+00:00 Debian Oval Importer Affected by VCID-35uj-bty2-aaac None 36.0.0
2025-04-07T17:07:42.432709+00:00 Debian Oval Importer Affected by VCID-dmp9-4dsk-aaaa None 36.0.0
2025-04-07T13:45:53.629480+00:00 Debian Oval Importer Fixing VCID-h27m-268d-aaas None 36.0.0
2025-04-07T04:50:42.908990+00:00 Debian Importer Affected by VCID-dmp9-4dsk-aaaa None 36.0.0
2025-04-05T15:07:46.184275+00:00 Debian Importer Affected by VCID-9s2f-7kdf-aaam None 36.0.0
2025-02-19T09:22:00.233201+00:00 Debian Importer Affected by VCID-dmp9-4dsk-aaaa None 35.1.0
2025-02-18T10:48:07.746911+00:00 Debian Importer Affected by VCID-9s2f-7kdf-aaam None 35.1.0
2024-11-29T06:58:56.999778+00:00 Debian Oval Importer Affected by VCID-9s2f-7kdf-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 35.0.0
2024-11-21T07:48:52.463518+00:00 Debian Importer Affected by VCID-9s2f-7kdf-aaam None 35.0.0
2024-11-19T07:41:45.589625+00:00 Debian Importer Affected by VCID-9s2f-7kdf-aaam None 34.3.2
2024-10-14T13:24:17.589189+00:00 Debian Oval Importer Affected by VCID-9s2f-7kdf-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-08T08:32:31.240114+00:00 Debian Importer Affected by VCID-9s2f-7kdf-aaam None 34.0.2
2024-09-21T09:54:33.729654+00:00 Debian Oval Importer Affected by VCID-9s2f-7kdf-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1
2024-09-17T23:18:54.451370+00:00 Debian Importer Affected by VCID-9s2f-7kdf-aaam None 34.0.1
2024-04-24T15:56:10.926032+00:00 Debian Importer Affected by VCID-dmp9-4dsk-aaaa None 34.0.0rc4
2024-04-24T08:08:42.822289+00:00 Debian Importer Affected by VCID-9s2f-7kdf-aaam None 34.0.0rc4
2024-01-10T18:16:23.410117+00:00 Debian Importer Affected by VCID-dmp9-4dsk-aaaa None 34.0.0rc2
2024-01-10T10:05:54.702255+00:00 Debian Importer Affected by VCID-9s2f-7kdf-aaam None 34.0.0rc2
2024-01-04T07:47:35.964634+00:00 Debian Importer Affected by VCID-dmp9-4dsk-aaaa None 34.0.0rc1
2024-01-04T02:43:29.166508+00:00 Debian Importer Affected by VCID-9s2f-7kdf-aaam None 34.0.0rc1