VYPR

Nautilus

by GNOME Foundation

Source repositories

CVEs (4)

  • CVE-2019-11461HigApr 22, 2019
    risk 0.51cvss 7.8epss 0.00

    An issue was discovered in GNOME Nautilus 3.30 prior to 3.30.6 and 3.32 prior to 3.32.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnailers by using the TIOCSTI ioctl to push characters into the input buffer of the thumbnailer's controlling…

  • CVE-2017-12447HigMar 7, 2019
    risk 0.51cvss 7.8epss 0.01

    GdkPixBuf (aka gdk-pixbuf), possibly 2.32.2, as used by GNOME Nautilus 3.14.3 on Ubuntu 16.04, allows attackers to cause a denial of service (stack corruption) or possibly have unspecified other impact via a crafted file folder.

  • CVE-2017-14604MedSep 20, 2017
    risk 0.42cvss 6.5epss 0.02

    GNOME Nautilus before 3.23.90 allows attackers to spoof a file type by using the .desktop file extension, as demonstrated by an attack in which a .desktop file's Name field ends in .pdf but this file's Exec field launches a malicious "sh -c" command. In other words, Nautilus…

  • CVE-2022-37290MedNov 14, 2022
    risk 0.36cvss 5.5epss 0.00

    GNOME Nautilus 42.2 allows a NULL pointer dereference and get_basename application crash via a pasted ZIP archive.