CVE-2024-36472

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-36472

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-36472.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-36472

Downstream

DEBIAN-CVE-2024-36472

RHSA-2024:5298

RHSA-2024:9114

RHSA-2024:9915

RLSA-2024:5298

SUSE-SU-2024:2576-1

SUSE-SU-2024:2589-1

SUSE-SU-2024:2618-1

UBUNTU-CVE-2024-36472

USN-6963-1

openSUSE-SU-2024:14201-1

Related

Published

2024-05-28T16:15:17Z

Modified

2025-10-16T06:08:15.360420Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In GNOME Shell through 45.7, a portal helper can be launched automatically (without user confirmation) based on network responses provided by an adversary (e.g., an adversary who controls the local Wi-Fi network), and subsequently loads untrusted JavaScript code, which may lead to resource consumption or other impacts depending on the JavaScript code's behavior.

References

https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/7688

Affected packages

Git / gitlab.gnome.org/GNOME/gnome-shell

Affected ranges

Type: GIT
Repo: https://gitlab.gnome.org/GNOME/gnome-shell
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

2c66b1befdfa5420f69bc5bc8c48c25b6eddf817

Affected versions

2.*

2.27.0

2.27.1

2.27.2

2.27.3

2.28.0

2.29.0

2.29.1

2.31.2

2.31.4

2.31.5

2.91.0

2.91.1

2.91.2

2.91.3

2.91.4

2.91.5

2.91.6

2.91.90

2.91.91

2.91.92

2.91.93

3.*

3.0.0

3.0.0.1

3.0.0.2

3.0.1

3.1.3

3.1.4

3.1.90

3.1.90.1

3.1.91

3.1.91.1

3.1.92

3.10.0

3.10.0.1

3.10.1

3.11.1

3.11.2

3.11.3

3.11.5

3.11.90

3.11.91

3.11.92

3.12.0

3.13.1

3.13.2

3.13.3

3.13.4

3.13.90

3.13.91

3.13.92

3.14.0

3.14.1

3.15.1

3.15.2

3.15.3

3.15.4

3.15.90

3.15.91

3.15.92

3.16.0

3.16.1

3.17.1

3.17.2

3.17.3

3.17.4

3.17.90

3.17.91

3.17.92

3.18.0

3.18.1

3.19.1

3.19.2

3.19.3

3.19.4

3.19.90

3.19.91

3.19.92

3.2.0

3.2.1

3.20.0

3.20.1

3.21.1

3.21.2

3.21.3

3.21.4

3.21.90

3.21.90.1

3.21.91

3.21.92

3.22.0

3.22.1

3.23.1

3.23.2

3.23.3

3.23.90

3.23.91

3.23.92

3.24.0

3.25.1

3.25.2

3.25.3

3.25.4

3.25.90

3.25.91

3.26.0

3.26.1

3.27.1

3.27.91

3.27.92

3.28.0

3.28.1

3.29.1

3.29.2

3.29.3

3.29.4

3.29.90

3.29.91

3.29.92

3.3.2

3.3.3

3.3.4

3.3.5

3.3.90

3.3.92

3.30.0

3.30.1

3.31.2

3.31.4

3.31.90

3.31.91

3.31.92

3.32.0

3.32.1

3.33.1

3.33.2

3.33.3

3.33.4

3.33.90

3.33.91

3.33.92

3.34.0

3.34.1

3.35.1

3.35.2

3.35.3

3.35.90

3.35.91

3.35.92

3.36.0

3.37.1

3.37.2

3.37.3

3.37.90

3.37.91

3.37.92

3.38.0

3.38.1

3.4.0

3.4.1

3.5.2

3.5.3

3.5.4

3.5.5

3.5.90

3.5.91

3.5.92

3.6.0

3.6.1

3.7.1

3.7.2

3.7.3

3.7.4

3.7.4.1

3.7.5

3.7.90

3.7.91

3.7.92

3.8.0

3.8.0.1

3.8.1

3.9.1

3.9.2

3.9.3

3.9.4

3.9.5

3.9.90

3.9.91

3.9.92

40.*

40.0

40.1

40.alpha

40.alpha.1

40.alpha.1.1

40.beta

40.rc

41.*

41.0

41.beta

41.rc

41.rc.1

42.*

42.0

42.1

42.alpha

42.beta

42.rc

43.*

43.0

43.1

43.alpha

43.beta

43.rc

44.*

44.0

44.1

44.beta

44.rc

45.*

45.0

45.1

45.2

45.3

45.4

45.5

45.6

45.7

45.alpha

45.beta

45.beta.1

45.rc