DEBIAN-CVE-2022-37290

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2022-37290

Import Source

https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2022-37290.json

JSON Data

https://api.osv.dev/v1/vulns/DEBIAN-CVE-2022-37290

Upstream

CVE-2022-37290

Published

2022-11-14T08:15:09.387Z

Modified

2026-03-17T02:47:45.281797Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename application crash via a pasted ZIP archive.

References

https://security-tracker.debian.org/tracker/CVE-2022-37290

Affected packages

Debian:11 / nautilus

Package

Name: nautilus
Purl: pkg:deb/debian/nautilus?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.38.2-1

3.38.2-1+deb11u1

40.*

40.2-1

40.2-2

41.*

41.0-1

41.1-1

41.2-1

Other

42~beta-1

42~rc-1

43~rc-1

43~rc-2

44~beta-1

44~rc-1

45~beta-1

45~beta2-1

45~rc-1

48~beta-1

48~beta-2

48~rc-1

48~rc-2

49~rc-1

49~rc-2

49~rc-3

42.*

42.0-1

42.1.1-1

42.2-1

42.2-2

43~beta.*

43~beta.1-1

43~beta.1-2

43.*

43.0-1

43.1-1

43.2-1

43.4-1

43.4-2

44.*

44.0-1

44.1-1

44.2-1

44.2.1-1

44.2.1-2

45.*

45.0-1

45.0-2

45.1-1

45.2.1-1

45.2.1-2

45.2.1-3

45.2.1-4

46.*

46.2-1

46.2-2

46.2-3

47~beta.*

47~beta.1-1

47.*

47.0-1

47.0-2

47.0-3

47.1-1

47.1-2

48.*

48.0-1

48.1-1

48.1-2

48.2-1

48.2-3

48.3-1

48.3-2

49.*

49.0-1

49.1-1

49.1-2

49.2-1

49.2-2

49.3-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2022-37290.json"

Debian:12 / nautilus

Package

Name: nautilus
Purl: pkg:deb/debian/nautilus?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

43.2-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2022-37290.json"

Debian:13 / nautilus

Package

Name: nautilus
Purl: pkg:deb/debian/nautilus?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

43.2-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2022-37290.json"

Debian:14 / nautilus

Package

Name: nautilus
Purl: pkg:deb/debian/nautilus?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

43.2-1

Ecosystem specific

{
    "urgency": "unimportant"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2022-37290.json"