Critical severity9.8NVD Advisory· Published Mar 15, 2023· Updated Jun 17, 2026
CVE-2023-28371
CVE-2023-28371
Description
In Stellarium through 1.2, attackers can write to files that are typically unintended, such as ones with absolute pathnames or .. directory traversal.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- Stellarium/Stellariumdescription
- Range: <=1.2
- osv-coords3 versionspkg:rpm/opensuse/stellarium&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/stellarium&distro=openSUSE%20Tumbleweedpkg:rpm/suse/stellarium&distro=SUSE%20Package%20Hub%2015%20SP4
< 0.21.2-bp154.2.3.1+ 2 more
- (no CPE)range: < 0.21.2-bp154.2.3.1
- (no CPE)range: < 23.1-1.1
- (no CPE)range: < 0.21.2-bp154.2.3.1
Patches
Vulnerability mechanics
References
6- github.com/Stellarium/stellarium/commit/1261f74dc4aa6bbd01ab514343424097f8cf46b7nvdPatch
- github.com/Stellarium/stellarium/commit/787a894897b7872ae96e6f5804a182210edd5c78nvdPatch
- github.com/Stellarium/stellarium/commit/eba61df3b38605befcb43687a4c0a159dbc0c5cbnvdPatch
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KG6UNRAOYZJSMIUELY3MMJ5J6LIUZXLT/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/REDZB5J7WDN2P3NYWFO2NNJXSTOFUUKM/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQ4ZGY5MDDHBEOQTD4IIA2RFID3ATPXA/nvd
News mentions
0No linked articles in our index yet.