Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:ALSA-2023:6933
HistoryNov 14, 2023 - 12:00 a.m.

Moderate: libreoffice security update

2023-11-1400:00:00
Google
osv.dev
9
libreoffice
security update
cve-2022-38745
cve-2023-0950
cve-2023-1183
cve-2023-2255
office suite
productivity software
community-developed

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.9%

JSON

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.

Security Fix(es):

  • libreoffice: Empty entry in Java class path (CVE-2022-38745)
  • libreoffice: Array index underflow in Calc formula parsing (CVE-2023-0950)
  • libreoffice: Arbitrary file write (CVE-2023-1183)
  • libreoffice: Remote documents loaded without prompt via IFrame (CVE-2023-2255)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

Related

redhat 2
nessus 34
almalinux 2
oraclelinux 2
osv 9
openvas 12
debian 6
gentoo 1
kaspersky 5
ubuntu 2
mageia 2
redos 1
veracode 3
cnvd 1
prion 4
nvd 4
cve 4
redhatcve 4
debiancve 4
ubuntucve 4
cvelist 4
githubexploit 2
amazon 1
rosalinux 1
redhat
redhat
(RHSA-2023:6508) Moderate: libreoffice security update
2023-11-07 06:07:28
(RHSA-2023:6933) Moderate: libreoffice security update
2023-11-14 08:40:48
nessus
nessus
RHEL 8 : libreoffice (RHSA-2023:6933)
2023-11-14 00:00:00
RHEL 9 : libreoffice (RHSA-2023:6508)
2023-11-07 00:00:00
CentOS 8 : libreoffice (CESA-2023:6933)
2023-11-14 00:00:00
almalinux
almalinux
Moderate: libreoffice security update
2023-11-07 00:00:00
Moderate: libreoffice security update
2023-11-14 00:00:00
oraclelinux
oraclelinux
libreoffice security update
2023-11-17 00:00:00
libreoffice security update
2023-11-11 00:00:00
osv
osv
Moderate: libreoffice security update
2023-11-07 00:00:00
libreoffice - security update
2023-08-13 00:00:00
libreoffice vulnerabilities
2023-06-07 05:13:10
openvas
openvas
Debian: Security Advisory (DLA-3526-1)
2023-08-14 00:00:00
Mageia: Security Advisory (MGASA-2023-0194)
2023-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0075-1)
2024-01-11 00:00:00
debian
debian
[SECURITY] [DSA 5415-1] libreoffice security update
2023-05-28 15:25:12
[SECURITY] [DLA 3526-1] libreoffice security update
2023-08-13 16:32:01
[SECURITY] [DSA 5437-1] hsqldb security update
2023-06-21 21:47:55
gentoo
gentoo
LibreOffice: Multiple Vulnerabilities
2023-11-26 00:00:00
kaspersky
kaspersky
KLA49330 Multiple vulnerabilities in LibreOffice
2023-05-24 00:00:00
KLA48688 RCE vulnerability in LibreOffice
2023-03-24 00:00:00
KLA50365 ACE vulnerability in LibreOffice
2023-06-19 00:00:00
ubuntu
ubuntu
LibreOffice vulnerabilities
2023-06-07 00:00:00
LibreOffice vulnerability
2023-04-17 00:00:00
mageia
mageia
Updated libreoffice packages fix security vulnerability
2023-06-08 22:34:59
Updated libreoffice packages fix security vulnerability
2023-07-07 08:54:45
redos
redos
ROS-20230830-01
2023-08-30 00:00:00
veracode
veracode
Arbitrary Code Injection
2023-04-20 04:04:11
Authorization Bypass
2023-08-07 01:27:44
Improper Validation
2023-08-06 20:17:06
cnvd
cnvd
Apache OpenOffice code issue vulnerability
2023-03-28 00:00:00
prion
prion
Design/Logic Flaw
2023-03-24 16:15:00
Improper access control
2023-05-25 20:15:00
Input validation
2023-05-25 20:15:00
nvd
nvd
CVE-2022-38745
2023-03-24 16:15:08
CVE-2023-0950
2023-05-25 20:15:09
CVE-2023-2255
2023-05-25 20:15:09
cve
cve
CVE-2022-38745
2023-03-24 16:15:08
CVE-2023-2255
2023-05-25 20:15:09
CVE-2023-0950
2023-05-25 20:15:09
redhatcve
redhatcve
CVE-2022-38745
2023-03-27 12:43:29
CVE-2023-2255
2023-05-26 20:40:53
CVE-2023-0950
2023-05-26 20:40:43
debiancve
debiancve
CVE-2022-38745
2023-03-24 16:15:08
CVE-2023-0950
2023-05-25 20:15:09
CVE-2023-2255
2023-05-25 20:15:09
ubuntucve
ubuntucve
CVE-2022-38745
2023-03-24 00:00:00
CVE-2023-2255
2023-05-25 00:00:00
CVE-2023-0950
2023-05-25 00:00:00
cvelist
cvelist
CVE-2022-38745 Apache OpenOffice: Empty entry in Java class path
2023-03-24 15:56:48
CVE-2023-2255 Remote documents loaded without prompt via IFrame
2023-05-25 00:00:00
CVE-2023-0950 Array Index UnderFlow in Calc Formula Parsing
2023-05-25 00:00:00
githubexploit
githubexploit
Exploit for CVE-2023-2255
2023-07-10 20:54:56
Exploit for CVE-2023-2255
2024-04-27 11:21:11
amazon
amazon
Medium: hsqldb
2024-05-23 22:04:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2288
2023-11-07 09:44:41

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.9%

JSON
Related for OSV:ALSA-2023:6933
redhat2nessus34almalinux2oraclelinux2osv9openvas12debian6gentoo1kaspersky5ubuntu2mageia2redos1veracode3cnvd1prion4nvd4cve4redhatcve4debiancve4ubuntucve4cvelist4githubexploit2amazon1rosalinux1