It was discovered that GNOME Shell mishandled extensions that fail to reload, possibly leading to extensions staying enabled on the lock screen. An attacker could possibly use this issue to launch applications, view sensitive information, or execute arbitrary commands. (CVE-2017-8288)
It was discovered that the GNOME Shell incorrectly handled certain keyboard inputs. An attacker could possibly use this issue to invoke keyboard shortcuts, and potentially other actions while the workstation was locked. (CVE-2019-3820)
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_version": "3.18.5-0ubuntu0.3+esm1", "binary_name": "gnome-shell" }, { "binary_version": "3.18.5-0ubuntu0.3+esm1", "binary_name": "gnome-shell-common" }, { "binary_version": "3.18.5-0ubuntu0.3+esm1", "binary_name": "gnome-shell-dbg" }, { "binary_version": "3.18.5-0ubuntu0.3+esm1", "binary_name": "gnome-shell-dbgsym" } ] }