{"id":"CVE-2023-43090","details":"A vulnerability was found in GNOME Shell. GNOME Shell's lock screen allows an unauthenticated local user to view windows of the locked desktop session by using keyboard shortcuts to unlock the restricted functionality of the screenshot tool.","modified":"2026-04-16T04:36:26.195478380Z","published":"2023-09-22T06:15:09.810Z","related":["SUSE-SU-2024:2576-1","openSUSE-SU-2024:13251-1"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/CVE-2023-43090"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2239087"},{"type":"FIX","url":"https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/6990"},{"type":"FIX","url":"https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/2944"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gnome/gnome-shell","events":[{"introduced":"0bd73b79a630ad1354bae3ccd69beaeba2f74d4b"},{"fixed":"45de25eaba51095a223e4123d10183432660f4b2"},{"introduced":"b6a7cac28ff84fdaa99be08b64b0ff50b6cf4894"},{"fixed":"d49cc6fa355d59d3a4c878ae89885cb1c571bfda"},{"introduced":"0"},{"last_affected":"44b4b02c3f772a50e6f8b8fd2dca6d9dc3a98725"}],"database_specific":{"versions":[{"introduced":"43"},{"fixed":"43.9"},{"introduced":"44"},{"fixed":"44.5"},{"introduced":"0"},{"last_affected":"42"}]}}],"versions":["2.27.0","2.27.1","2.27.2","2.27.3","2.28.0","2.29.0","2.29.1","2.31.2","2.31.4","2.31.5","2.91.0","2.91.1","2.91.2","2.91.3","2.91.4","2.91.5","2.91.6","2.91.90","2.91.91","2.91.92","2.91.93","3.0.0","3.0.0.1","3.0.0.2","3.0.1","3.1.3","3.1.4","3.1.90","3.1.90.1","3.1.91","3.1.91.1","3.1.92","3.10.0","3.10.0.1","3.10.1","3.11.1","3.11.2","3.11.3","3.11.5","3.11.90","3.11.91","3.11.92","3.12.0","3.13.1","3.13.2","3.13.3","3.13.4","3.13.90","3.13.91","3.13.92","3.14.0","3.14.1","3.15.1","3.15.2","3.15.3","3.15.4","3.15.90","3.15.91","3.15.92","3.16.0","3.16.1","3.17.1","3.17.2","3.17.3","3.17.4","3.17.90","3.17.91","3.17.92","3.18.0","3.18.1","3.19.1","3.19.2","3.19.3","3.19.4","3.19.90","3.19.91","3.19.92","3.2.0","3.2.1","3.20.0","3.20.1","3.21.1","3.21.2","3.21.3","3.21.4","3.21.90","3.21.90.1","3.21.91","3.21.92","3.22.0","3.22.1","3.23.1","3.23.2","3.23.3","3.23.90","3.23.91","3.23.92","3.24.0","3.25.1","3.25.2","3.25.3","3.25.4","3.25.90","3.25.91","3.26.0","3.26.1","3.27.1","3.27.91","3.27.92","3.28.0","3.28.1","3.29.1","3.29.2","3.29.3","3.29.4","3.29.90","3.29.91","3.29.92","3.3.2","3.3.3","3.3.4","3.3.5","3.3.90","3.3.92","3.30.0","3.30.1","3.31.2","3.31.4","3.31.90","3.31.91","3.31.92","3.32.1","3.33.1","3.33.2","3.33.3","3.33.4","3.33.90","3.33.91","3.33.92","3.34.0","3.34.1","3.35.1","3.35.2","3.35.3","3.35.91","3.35.92","3.36.0","3.37.1","3.37.2","3.37.3","3.37.90","3.37.91","3.37.92","3.38.0","3.38.1","3.4.0","3.4.1","3.5.2","3.5.3","3.5.4","3.5.5","3.5.90","3.5.91","3.5.92","3.6.0","3.6.1","3.7.1","3.7.2","3.7.3","3.7.4","3.7.4.1","3.7.5","3.7.90","3.7.91","3.7.92","3.8.0","3.8.0.1","3.8.1","3.9.1","3.9.2","3.9.3","3.9.4","3.9.5","3.9.90","3.9.91","3.9.92","40.0","40.1","40.alpha","40.alpha.1","40.alpha.1.1","40.beta","40.rc","41.0","41.beta","41.rc","41.rc.1","42.0","42.alpha","42.beta","42.rc","43.0","43.1","43.2","43.3","43.4","43.5","43.6","43.7","43.8","44.0","44.1","44.2","44.3","44.4"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"37"}]},{"events":[{"introduced":"0"},{"last_affected":"38"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-43090.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}