CVE-2015-3213

The gesture handling code in Clutter before 1.16.2 allows physically proximate attackers to bypass the lock screen via certain (1) mouse or (2) touch gestures.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 23%
Affected Products (NVD)
VendorProductVersion
clutter_projectclutter
𝑥
≤ 1.16.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
clutter-1.0
bookworm
1.26.4+dfsg-4
fixed
bullseye
1.26.4+dfsg-2
fixed
sid
1.26.4+git2779b932+dfsg-7
fixed
squeeze
not-affected
trixie
1.26.4+git2779b932+dfsg-7
fixed
wheezy
not-affected
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
clutter-1.0
precise
not-affected
trusty
dne
utopic
not-affected
vivid
not-affected
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
clutter
RHEL 7
0:1.14.4-12.el7_1.1
fixed
clutter-devel
RHEL 7
0:1.14.4-12.el7_1.1
fixed
clutter-doc
RHEL 7
0:1.14.4-12.el7_1.1
fixed
Common Weakness Enumeration
References
http://rhn.redhat.com/errata/RHSA-2015-1510.html
https://bugzilla.gnome.org/show_bug.cgi?id=710227
https://bugzilla.gnome.org/show_bug.cgi?id=749847
https://bugzilla.redhat.com/show_bug.cgi?id=1227098
https://git.gnome.org/browse/clutter/commit/?h=clutter-1.18&id=97724939c8de004d7fa230f3ff64862d957f93a9
http://rhn.redhat.com/errata/RHSA-2015-1510.html
https://bugzilla.gnome.org/show_bug.cgi?id=710227
https://bugzilla.gnome.org/show_bug.cgi?id=749847
https://bugzilla.redhat.com/show_bug.cgi?id=1227098
https://git.gnome.org/browse/clutter/commit/?h=clutter-1.18&id=97724939c8de004d7fa230f3ff64862d957f93a9