570 matches found
Important: libreoffice
Issue Overview: Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before 24.2.5. CVE-2024-7788 Affected Packages: libreoffice Note: This...
VMware Spring Boot 2.7.x < 2.7.22, 3.0.x < 3.0.17, 3.1.x < 3.1.13, 3.2.x < 3.2.9, 3.3.x < 3.3.3 Signature Forgery Vulnerability - Linux
VMware Spring Boot is prone to a signature forgery vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
VMware Spring Boot 2.7.x < 2.7.22, 3.0.x < 3.0.17, 3.1.x < 3.1.13, 3.2.x < 3.2.9, 3.3.x < 3.3.3 Signature Forgery Vulnerability - Windows
VMware Spring Boot is prone to a signature forgery vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
USN-7025-1 libreoffice vulnerability
It was discovered that LibreOffice would incorrectly handle digital signature verification after repairing a corrupted document. A remote attacker could possibly use this issue to forge valid signatures...
LibreOffice 24.2.x < 24.2.5 / 24.8.0 (CVE-2024-7788)
The version of LibreOffice installed on the remote host is prior to 24.2.5 / 24.8.0. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-7788 advisory. - Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows...
CVE-2024-7788
Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before 24.2.5...
CVE-2024-7788
Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before 24.2.5...
DEBIAN-CVE-2024-7788
Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before 24.2.5...
UBUNTU-CVE-2024-7788
Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before 24.2.5...
CVE-2024-7788
CVE-2024-7788 – Summary : The Document Foundation LibreOffice exposes an improper digital signature invalidation in Zip Repair Mode, enabling signature forgery during document repair. Public details show affected versions as LibreOffice 24.2.x before 24.2.5 (also reflected in multiple advisories ...
CVE-2024-7788 Signatures in "repair mode" should not be trusted
Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before 24.2.5...
PT-2024-6309 · Document Foundation +5 · Libreoffice +5
Name of the Vulnerable Software and Affected Versions: LibreOffice versions prior to 24.2.5 Description: The issue affects the Zip Repair Mode of LibreOffice, where an improper digital signature invalidation vulnerability allows for signature forgery. This means an attacker could create a special...
LibreOffice 安全漏洞
LibreOffice is an open source office software suite from The Document Foundation. The product includes the Writer text documents, Calc spreadsheets, and Impress presentations applications. A security vulnerability exists in LibreOffice version 24.2 up to and including 24.2.5, which stems from the...
GHSA-7CJ3-X93G-GJ76 Signature forgery in Spring Boot's Loader
Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...
Signature forgery in Spring Boot's Loader
Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...
CVE-2024-38807
Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...
DEBIAN-CVE-2024-38807
Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...
UBUNTU-CVE-2024-38807
Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...
CVE-2024-38807
Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...
CVE-2024-38807
Applications that use spring-boot-loader or spring-boot-loader-classic and contain custom code that performs signature verification of nested jar files may be vulnerable to signature forgery where content that appears to have been signed by one signer has, in fact, been signed by another...