14 matches found
MiracleLinux 9 : libreoffice-7.1.8.1-8.el9.ML.1 (AXSA:2023-5035:03)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5035:03 advisory. libreoffice: Macro URL arbitrary script execution CVE-2022-3140 libreoffice: Execution of Untrusted Macros Due to Improper Certificate Validation...
UBUNTU-CVE-2024-28244
KaTeX is a JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions could encounter malicious input using \def or \newcommand that causes a near-infinite loop, despite setting maxExpand to avoid such loops. KaTeX supports an option named...
CentOS 8 : libreoffice (CESA-2023:0089)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:0089 advisory. - libreoffice: Execution of Untrusted Macros Due to Improper Certificate Validation CVE-2022-26305 - libreoffice: Static Initialization Vector Allows t...
libreoffice security update
7.1.8.1-8.0.1 - Replace colors with Oracle colors Orabug: 32120093 - Build with --with-vendor='Oracle America, Inc.' - Added the --with-hamcrest option to configure. 1:7.1.8.1-8 - Resolves: rhbz2134759 Untrusted Macros - Resolves: rhbz2134757 Weak Master Keys - Resolves: rhbz2134755 Static...
libreoffice: Execution of Untrusted Macros Due to Improper Certificate Validation
An Improper Certificate Validation vulnerability was found in LibreOffice, where determining if a trusted author signed a macro was done by only matching the serial number and issuer string of the used certificate with that of a trusted certificate. This is not sufficient to verify that the macro...
Moderate: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
RHEL 9 : libreoffice (RHSA-2023:0304)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0304 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor...
Moderate: Red Hat Security Advisory: libreoffice security update
An update for libreoffice is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
RLSA-2023:0089 Moderate: libreoffice security update
LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...
RHEL 8 : libreoffice (RHSA-2023:0089)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0089 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor...
SUSE-SU-2022:3650-1 Security update for libreoffice
This update for libreoffice fixes the following issues: Updated to version 7.3.6.2 jscSLE-23447: - CVE-2022-3140: Fixed macro URL arbitrary script execution bsc1203209. - CVE-2022-26305: Fixed execution of untrusted Macros due to improper certificate validation bsc1201868. - CVE-2022-26307: Fixed...
SUSE-SU-2022:3602-1 Security update for libreoffice
This update for libreoffice fixes the following issues: Updated to version 7.3.6.2 jscSLE-23448: - CVE-2022-3140: Fixed macro URL arbitrary script execution bsc1203209. - CVE-2022-26305: Fixed execution of untrusted Macros due to improper certificate validation bsc1201868. - CVE-2022-26307: Fixed...
CVE-2022-26306 Execution of Untrusted Macros Due to Improper Certificate Validation
LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which...
CVE-2022-26305 Execution of Untrusted Macros Due to Improper Certificate Validation
An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by only matching the serial number and issuer string of the used certificate with that of a trusted certificate. This is not sufficient to verify that the...