CVE-2016-1000002

low-risk
Published 2019-11-05

gdm3 3.14.2 and possibly later has an information leak before screen lock

Do I need to act?

-
0.16% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
2
CVSS 2.4/10 Low
PHYSICAL / LOW complexity

Affected Products (6)

Gnome Display Manager

Affected Vendors

Debian Redhat Gnome Opensuse

References (8)

Exploit https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000002
Issue Tracking https://bugzilla.suse.com/show_bug.cgi?id=CVE-2016-1000002
Third Party Advisory https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/...
Third Party Advisory https://security-tracker.debian.org/tracker/CVE-2016-1000002
Exploit https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-1000002
Issue Tracking https://bugzilla.suse.com/show_bug.cgi?id=CVE-2016-1000002
Third Party Advisory https://raw.githubusercontent.com/distributedweaknessfiling/cvelist/master/2016/...
Third Party Advisory https://security-tracker.debian.org/tracker/CVE-2016-1000002
24
/ 100
low-risk
Severity 10/34 · Low
Exploitability 1/34 · Minimal
Exposure 13/34 · Low