Latest Gnome Vulnerabilities

In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encounters heap memory corruption (in ani_load_chunk in io-ani.c) when parsing chunks in a crafted .ani f...
GNOME GdkPixbuf<=2.42.10
Tracker-miners: sandbox escape
Gnome Tracker Miners<3.3.2
Gnome Tracker Miners>=3.4.0<3.4.5
Gnome Tracker Miners>=3.5.0<3.5.3
Gnome Tracker Miners>=3.6.0<3.6.1
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
Gnome-shell: screenshot tool allows viewing open windows when session is locked
GNOME gnome-shell>=43<43.9
GNOME gnome-shell>=44<44.5
GNOME gnome-shell=42
Fedoraproject Fedora=37
Fedoraproject Fedora=38
redhat/gnome-shell<43.9
and 5 more
A CSV injection vulnerability in GNOME time tracker version 3.0.2 allows local attackers to execute arbitrary code via a crafted .tsv file when creating a new record.
Gnome Gnome-time Tracker=3.0.2
librsvg: Arbitrary file read when xinclude href has special characters
debian/librsvg<=2.54.5+dfsg-3<=2.50.3+dfsg-1
GNOME librsvg<2.46.6
GNOME librsvg>=2.48.0<2.48.11
GNOME librsvg>=2.50.0<2.50.8
GNOME librsvg>=2.52.0<2.52.10
GNOME librsvg>=2.54.0<2.54.6
and 12 more
A flaw was found in GLib. The GVariant deserialization code is vulnerable to a heap buffer overflow introduced by the fix for CVE-2023-32665. This bug does not affect any released version of GLib, but...
GNOME GLib<2.75.1
ubuntu/glib2.0<2.40.2-0ubuntu1.1+
ubuntu/glib2.0<2.64.6-1~ubuntu20.04.6
ubuntu/glib2.0<2.72.4-0ubuntu2.2
ubuntu/glib2.0<2.74.3-0ubuntu1.2
ubuntu/glib2.0<2.75.1<2.74.4
and 3 more
A flaw was found in glib, where the gvariant deserialization code is vulnerable to a denial of service introduced by additional input validation added to resolve CVE-2023-29499. The offset table valid...
GNOME GLib<2.74.4
ubuntu/glib2.0<2.56.4-0ubuntu0.18.04.9+
ubuntu/glib2.0<2.40.2-0ubuntu1.1+
ubuntu/glib2.0<2.48.2-0ubuntu4.8+
ubuntu/glib2.0<2.64.6-1~ubuntu20.04.6
ubuntu/glib2.0<2.72.4-0ubuntu2.2
and 3 more
g_variant_byteswap() can take a long time with some non-normal inputs
GNOME GLib<2.74.2
ubuntu/glib2.0<2.64.6-1~ubuntu20.04.6
ubuntu/glib2.0<2.72.4-0ubuntu2.2
ubuntu/glib2.0<2.74.3-0ubuntu1.2
ubuntu/glib2.0<2.75.1<2.74.4
ubuntu/glib2.0<2.56.4-0ubuntu0.18.04.9+
and 3 more
GVariant offset table entry size is not checked in is_normal()
GNOME GLib<2.74.4
ubuntu/glib2.0<2.64.6-1~ubuntu20.04.6
ubuntu/glib2.0<2.72.4-0ubuntu2.2
ubuntu/glib2.0<2.74.3-0ubuntu1.2
ubuntu/glib2.0<2.75.1<2.74.4
ubuntu/glib2.0<2.56.4-0ubuntu0.18.04.9+
and 3 more
In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.
GNOME Epiphany<43.1
Fedoraproject Fedora=37
A vulnerability was found in GNOME gvdb. It has been classified as critical. This affects the function gvdb_table_write_contents_async of the file gvdb-builder.c. The manipulation leads to use after f...
Gnome Gvariant Database<2019-06-27
GVariant deserialisation does not match spec for non-normal data
GNOME GLib<2.74.4
ubuntu/glib2.0<2.64.6-1~ubuntu20.04.6
ubuntu/glib2.0<2.72.4-0ubuntu2.2
ubuntu/glib2.0<2.74.3-0ubuntu1.2
ubuntu/glib2.0<2.75.1<2.74.4
ubuntu/glib2.0<2.56.4-0ubuntu0.18.04.9+
and 3 more
GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename application crash via a pasted ZIP archive.
GNOME Nautilus=42.2
Fedoraproject Fedora=36
Fedoraproject Fedora=37
There is an Information Disclosure vulnerability in anjuta/plugins/document-manager/anjuta-bookmarks.c. This issue was caused by the incorrect use of the libxml2 API. The vendor forgot to call 'g_free()' t...
Gnome Anjuta=2.0.0
GNOME GdkPixbuf (aka GDK-PixBuf) before 2.42.8 allows a heap-based buffer overflow when compositing or clearing frames in GIF files, as demonstrated by io-gif-animation.c composite_frame. This overflo...
GNOME gdk-pixbuf<2.42.8
Fedoraproject Fedora=35
Debian Debian Linux=11.0
debian/gdk-pixbuf
In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the...
debian/epiphany-browser<=3.38.2-1<=3.32.1.2-3<=42.1-1
debian/epiphany-browser<=3.32.1.2-3~deb10u1
GNOME Epiphany<41.4
GNOME Epiphany>=42.0<42.2
Fedoraproject Fedora=34
Fedoraproject Fedora=35
and 3 more
GNOME OCRFeeder before 0.8.4 allows OS command injection via shell metacharacters in a PDF or image filename.
GNOME OCRFeeder<0.8.4
A locking protection bypass flaw was found in some versions of gnome-shell as shipped within CentOS Stream 8, when the "Application menu" or "Window list" GNOME extensions are enabled. This flaw allow...
GNOME gnome-shell<3.32.2
CentOS Stream=8
GNOME gdk-pixbuf 2.42.6 is vulnerable to a heap buffer overflow when decoding the LZW-compressed stream of image data in GIF files with an LZW minimum code size equal to 12.
debian/gdk-pixbuf
GNOME GdkPixbuf=2.42.6
Fedoraproject Fedora=34
Fedoraproject Fedora=35
Debian Debian Linux=11.0
XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an about: page, as demonstrated by ephy-about:overview when a user visits an XSS payload page often enough to place that ...
debian/epiphany-browser<=3.32.1.2-3~deb10u1
GNOME Epiphany<40.4
GNOME Epiphany>=41.0<41.1
Debian Debian Linux=10.0
Debian Debian Linux=11.0
XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 because a server's suggested_filename is used as the pdf_name value in PDF.js.
debian/epiphany-browser
GNOME Epiphany<40.4
GNOME Epiphany>=41.0<41.1
Debian Debian Linux=11.0
XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an error page.
debian/epiphany-browser<=3.32.1.2-3~deb10u1
GNOME Epiphany<40.4
GNOME Epiphany>=41.0<41.1
Debian Debian Linux=10.0
Debian Debian Linux=11.0
XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a page title.
GNOME Epiphany<40.4
GNOME Epiphany>=41.0<41.1
Debian Debian Linux=10.0
Debian Debian Linux=11.0
debian/epiphany-browser<=3.32.1.2-3~deb10u1
In GNOME grilo through 0.3.13, grl-net-wc.c does not enable TLS certificate verification on the SoupSessionAsync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this is simi...
debian/grilo<=0.3.13-1<=0.3.7-1
GNOME grilo<=0.3.13
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
debian/grilo
In GNOME libgfbgraph through 0.2.4, gfbgraph-photo.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: thi...
GNOME libgfbgraph<=0.2.4
Fedoraproject Fedora=33
Fedoraproject Fedora=34
Fedoraproject Fedora=35
In GNOME libzapojit through 0.0.3, zpj-skydrive.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: this i...
GNOME libzapojit<=0.0.3
Fedoraproject Fedora=33
Fedoraproject Fedora=34
Fedoraproject Fedora=35
In GNOME evolution-rss through 0.3.96, network-soup.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerable to network MITM attacks. NOTE: th...
GNOME evolution-rss<=0.3.96
GNOME gThumb before 3.10.1 allows an application crash via a malformed JPEG image.
GNOME gThumb<3.10.1
A flaw was found in NetworkManager in versions before 1.30.0. Setting match.path and activating a profile crashes NetworkManager. The highest threat from this vulnerability is to system availability.
GNOME NetworkManager<1.30.0
Redhat Openshift Container Platform=4.0
Redhat Enterprise Linux=8.0
Fedoraproject Fedora=33
libgrss through 0.7.0 fails to perform TLS certificate verification when downloading feeds, allowing remote attackers to manipulate the contents of feeds without detection. This occurs because of the ...
debian/libgrss<=0.7.0-2
Gnome Libgrss<=0.7.0
An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering ...
Gnome Gupnp<1.0.7
Gnome Gupnp>=1.1.0<1.2.5
It was discovered that the Caribou onscreen keyboard could be made to crash when given certain input values. An attacker could use this to bypass screen-locking applications that support using Caribou...
redhat/caribou<0.4.21
Gnome Caribou<0.4.21
fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's parent...
GNOME file-roller<=3.38.0
Fedoraproject Fedora=34
autoar-extractor.c in GNOME gnome-autoar before 0.3.1, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's p...
GNOME gnome-autoar<0.3.1
Fedoraproject Fedora=34
A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition.
redhat/glib2<2.63.6
GNOME GLib<2.62.5
GNOME GLib>=2.63.0<2.63.6
Debian Debian Linux=10.0
Netapp Active Iq Unified Manager Vmware Vsphere
GNOME GLib could allow a remote attacker to bypass security restrictions, caused by a flaw when g_file_replace() function is used with G_FILE_CREATE_REPLACE_DESTINATION to replace a path that is a dan...
GNOME GLib<2.66.8
Broadcom Brocade Fabric Operating System Firmware
Debian Debian Linux=9.0
Fedoraproject Fedora=33
redhat/glib<2.67.6
IBM QRadar SIEM<=7.5.0 GA
and 2 more
An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated mod...
redhat/mingw-glib2<0:2.66.7-2.el8
redhat/glib2<0:2.56.4-10.el8_4.1
IBM QRadar SIEM<=7.5.0 GA
IBM QRadar SIEM<=7.4.3 GA - 7.4.3 FP4
IBM QRadar SIEM<=7.3.3 GA - 7.3.3 FP10
redhat/glib<2.66.7
and 10 more
A flaw was found in gdk-pixbuf in versions before 2.42.0. An integer wraparound leading to an out of bounds write can occur when a crafted GIF image is loaded. An attacker may cause applications to cr...
GNOME gdk-pixbuf<2.42.0
Fedoraproject Fedora=33
Fedoraproject Fedora=34
redhat/gdk-pixbuf<2.42.0
autoar-extractor.c in GNOME gnome-autoar through 0.2.4, as used by GNOME Shell, Nautilus, and other software, allows Directory Traversal during extraction because it lacks a check of whether a file's ...
GNOME gnome-autoar<=0.2.4
Fedoraproject Fedora=34
An integer wraparound was discovered in glib due to passing a 64-bit sized value to the function g_memdup(), which accepts a 32-bit number as an argument. An attacker may abuse this flaw when an application ...
redhat/glib2<0:2.28.8-11.el6_10
redhat/glib2<0:2.56.1-9.el7_9
redhat/glib2<0:2.42.2-6.el7_2
redhat/glib2<0:2.46.2-5.el7_3
redhat/glib2<0:2.50.3-4.el7_4
redhat/glib2<0:2.56.1-5.el7_6
and 19 more
** DISPUTED ** GNOME Evolution through 3.38.3 produces a "Valid signature" message for an unknown identifier on a previously trusted key because Evolution does not retrieve enough information from the...
GNOME Evolution<=3.38.3
** DISPUTED ** GNOME GLib before 2.65.3 has an integer overflow, that might lead to an out-of-bounds write, in g_option_group_add_entries. NOTE: the vendor's position is "Realistically this is not a s...
GNOME GLib<2.65.3
A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a user that has autologin enabled, accessing their session without authentication. This is similar ...
redhat/gdm<3.38.2.1
Gnome Gnome Display Manager<3.38.2.1
GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes. If c->self_code equals 10, self->code_table[10].extends will assign th...
debian/gdk-pixbuf<=2.40.0+dfsg-8<=2.40.0+dfsg-10
<2.42.2
=20.04
=20.10
=33
=34
and 8 more
gdm3 versions before 3.36.2 or 3.38.2 would start gnome-initial-setup if gdm3 can't contact the accountservice service via dbus in a timely manner; on Ubuntu (and potentially derivatives) this could b...
Gnome Gnome Display Manager<3.36.2
Gnome Gnome Display Manager>=3.38.0<3.38.2
A flaw was found in the GNOME Control Center in Red Hat Enterprise Linux 8 versions prior to 8.2, where it improperly uses Red Hat Customer Portal credentials when a user registers a system through th...
GNOME Control Center
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux Aus=8.2
Redhat Enterprise Linux Eus=8.2
Redhat Enterprise Linux Tus=8.2
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates (e.g., self-signed certificates) when the client system is not config...
GNOME Geary<3.36.3
Fedoraproject Fedora=31
Fedoraproject Fedora=32
An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging out of an account, the password box from the login dialog reappears with the password still visible....
GNOME gnome-shell<=3.36.4
Canonical Ubuntu Linux=20.04
Debian Debian Linux=9.0
openSUSE Leap=15.2
ubuntu/gnome-shell<3.36.4-1ubuntu1~20.04.2
ubuntu/gnome-shell<3.36.5-1
and 1 more
In GNOME Balsa before 2.6.0, a malicious server operator or man in the middle can trigger a NULL pointer dereference and client crash by sending a PREAUTH response to imap_mbox_connect in libbalsa/ima...
GNOME Balsa<2.6.0
openSUSE Backports SLE=15.0-sp1
openSUSE Leap=15.1
In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid (e.g., minimal) CAPABILITY line on a connection attemp...
GNOME evolution-data-server<3.35.91
Debian Debian Linux=9.0
