It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.
This issue was introduced with the following ticket & commit:
Created gnome-shell tracking bugs for this issue:
Affects: fedora-all [bug 1672815]
Name: Ray Strode (The GNOME Project)
Upstream: Maxime Vellard