CVE-2023-28371

Опубликовано: 15 мар. 2023

Источник: debian

Описание

In Stellarium through 1.2, attackers can write to files that are typically unintended, such as ones with absolute pathnames or .. directory traversal.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
stellarium	fixed	23.3-1		package
stellarium	ignored		bookworm	package
stellarium	no-dsa		bullseye	package
stellarium	no-dsa		buster	package

Примечания

https://github.com/Stellarium/stellarium/commit/1261f74dc4aa6bbd01ab514343424097f8cf46b7 (v23.1)
https://github.com/Stellarium/stellarium/commit/787a894897b7872ae96e6f5804a182210edd5c78 (v23.1)
https://github.com/Stellarium/stellarium/commit/eba61df3b38605befcb43687a4c0a159dbc0c5cb (v23.1)

Связанные уязвимости

CVE-2023-28371

CVSS3: 9.8

ubuntu

почти 3 года назад

In Stellarium through 1.2, attackers can write to files that are typically unintended, such as ones with absolute pathnames or .. directory traversal.

CVE-2023-28371

CVSS3: 9.8

nvd

почти 3 года назад

In Stellarium through 1.2, attackers can write to files that are typically unintended, such as ones with absolute pathnames or .. directory traversal.

openSUSE-SU-2023:0097-1

suse-cvrf

почти 3 года назад

Security update for stellarium

GHSA-7vmm-m8vp-g5h3

CVSS3: 9.8

github

почти 3 года назад

In Stellarium through 1.2, attackers can write to files that are typically unintended, such as ones with absolute pathnames or .. directory traversal.