Lucene search
GoogleOSV:CVE-2024-36472HistoryMay 28, 2024 - 4:15 p.m.
CVE-2024-36472
2024-05-2816:15:17
Google
osv.dev
13
gnome shell
portal helper
automatic launch
network responses
javascript code
resource consumption
6.6 Medium
AI Score
Confidence
High
In GNOME Shell through 45.7, a portal helper can be launched automatically (without user confirmation) based on network responses provided by an adversary (e.g., an adversary who controls the local Wi-Fi network), and subsequently loads untrusted JavaScript code, which may lead to resource consumption or other impacts depending on the JavaScript code’s behavior.
| CPE | Name | Operator | Version |
|---|---|---|---|
| gnome-shell | eq | 3.6.0 | |
| gnome-shell | eq | 3.1.3 | |
| gnome-shell | eq | 3.11.3 | |
| gnome-shell | eq | 3.29.92 | |
| gnome-shell | eq | 2.91.5 | |
| gnome-shell | eq | 3.5.4 | |
| gnome-shell | eq | 3.17.3 | |
| gnome-shell | eq | 3.0.0 | |
| gnome-shell | eq | 3.16.0 | |
| gnome-shell | eq | 3.7.92 |
Related
redhatcve
redhatcve
CVE-2024-36472
2024-05-29 08:50:22
cve
cve
CVE-2024-36472
2024-05-28 16:15:17
CVE-2023-50977
2024-05-27 14:15:09
ubuntucve
ubuntucve
CVE-2024-36472
2024-05-28 00:00:00
cvelist
cvelist
CVE-2024-36472
1976-01-01 00:00:00
nessus
nessus
GNOME Shell <= 45.7 Code Execution in Portal Helper (CVE-2024-36472)
2024-05-31 00:00:00
debiancve
debiancve
CVE-2024-36472
2024-05-28 16:15:17
nvd
nvd
CVE-2024-36472
2024-05-28 16:15:17
CVE-2023-50977
2024-05-27 14:15:09