CVE-2023-28371

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Stellarium versions through 1.2

Description The issue allows attackers to write to files that are typically unintended, such as ones with absolute pathnames or .. directory traversal.

Recommendations For Stellarium versions through 1.2, consider restricting file write access to prevent unintended file modifications until a patch is available.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

ALT-PU-2024-15285

ALT-PU-2024-15503

CVE-2023-28371

MGASA-2023-0129

OPENSUSE-SU-2023:0097-1

OPENSUSE-SU-2024:12819-1

Affected Products

Alt Linux

Debian

Stellarium

CVE-2023-28371

Weakness Enumeration

Related Identifiers

Affected Products

References · 30