CVE-2022-37290 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA-ADP	ADP	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 9%

Affected Products (NVD)

Vendor	Product	Version
gnome	nautilus	42.2

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

nautilus

bookworm	43.2-1 fixed
bullseye	unimportant
sid	47.0-2 fixed
trixie	47.0-2 fixed

Ubuntu Releases

Ubuntu Product

Codename

caja

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
kinetic	ignored
lunar	ignored
mantic	ignored
noble	needs-triage
trusty	dne
xenial	needs-triage

nautilus

bionic	Fixed 1:3.26.4-0~ubuntu18.04.6 released
focal	Fixed 1:3.36.3-0ubuntu1.20.04.2 released
jammy	Fixed 1:42.2-0ubuntu2.1 released
kinetic	Fixed 1:43.0-1ubuntu2.1 released
lunar	Fixed 1:44~alpha-0ubuntu1 released
mantic	Fixed 1:44~alpha-0ubuntu1 released
noble	Fixed 1:44~alpha-0ubuntu1 released
trusty	ignored
xenial	not-affected

nemo

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
kinetic	ignored
lunar	ignored
mantic	ignored
noble	needs-triage
trusty	ignored
xenial	needs-triage

Known Exploits!

Common Weakness Enumeration

CWE-476 - NULL Pointer Dereference
A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

References

https://gitlab.gnome.org/GNOME/nautilus/-/issues/2376

https://gitlab.gnome.org/GNOME/nautilus/-/merge_requests/1001

https://gitlab.gnome.org/GNOME/nautilus/-/tree/master

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PX5CVF4FAHFA6UNKHFBBLOP2NUMIQJAY/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XYPDZ7LBBUVU3WFK7DCGDFGK2GXTKGT5/

https://gitlab.gnome.org/GNOME/nautilus/-/issues/2376

https://gitlab.gnome.org/GNOME/nautilus/-/merge_requests/1001

https://gitlab.gnome.org/GNOME/nautilus/-/tree/master

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PX5CVF4FAHFA6UNKHFBBLOP2NUMIQJAY/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XYPDZ7LBBUVU3WFK7DCGDFGK2GXTKGT5/