Описание
In GNOME Shell through 45.7, a portal helper can be launched automatically (without user confirmation) based on network responses provided by an adversary (e.g., an adversary who controls the local Wi-Fi network), and subsequently loads untrusted JavaScript code, which may lead to resource consumption or other impacts depending on the JavaScript code's behavior.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 47~beta-1ubuntu1 |
| esm-apps/xenial | not-affected | code not present |
| esm-infra/bionic | not-affected | code not present |
| esm-infra/focal | not-affected | 3.36.9-0ubuntu0.20.04.4 |
| focal | released | 3.36.9-0ubuntu0.20.04.4 |
| jammy | released | 42.9-0ubuntu2.2 |
| mantic | ignored | end of life, was deferred [2024-07-05] |
| noble | released | 46.0-0ubuntu6~24.04.3 |
| upstream | released | 46.1 |
Показывать по
6.5 Medium
CVSS3
Связанные уязвимости
In GNOME Shell through 45.7, a portal helper can be launched automatically (without user confirmation) based on network responses provided by an adversary (e.g., an adversary who controls the local Wi-Fi network), and subsequently loads untrusted JavaScript code, which may lead to resource consumption or other impacts depending on the JavaScript code's behavior.
In GNOME Shell through 45.7, a portal helper can be launched automatically (without user confirmation) based on network responses provided by an adversary (e.g., an adversary who controls the local Wi-Fi network), and subsequently loads untrusted JavaScript code, which may lead to resource consumption or other impacts depending on the JavaScript code's behavior.
In GNOME Shell through 45.7, a portal helper can be launched automatic ...
6.5 Medium
CVSS3