CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
Stellarium is a free open source planetarium for your computer. It shows a realistic sky in 3D, just like what you see with the naked eye, binoculars or a telescope.
A vulnerability has been discovered in Stellarium. Please review the CVE identifier referenced below for details.
Attackers can write to files that are typically unintended, such as ones with absolute pathnames or … directory traversal.
There is no known workaround at this time.
All Stellarium users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=sci-astronomy/stellarium-23.1"
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Gentoo | any | all | sci-astronomy/stellarium | < 23.1 | UNKNOWN |