7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
29.8%
Apache OpenOffice versions before 4.1.14 may be configured to add an empty
entry to the Java class path. This may lead to run arbitrary Java code from
the current directory.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | libreoffice | < 1:6.0.7-0ubuntu0.18.04.13 | UNKNOWN |
ubuntu | 20.04 | noarch | libreoffice | < 1:6.4.7-0ubuntu0.20.04.7 | UNKNOWN |
launchpad.net/bugs/cve/CVE-2022-38745
lists.apache.org/thread/q3noq7m681kvtb29m28x74q8cnwnzzo0
nvd.nist.gov/vuln/detail/CVE-2022-38745
security-tracker.debian.org/tracker/CVE-2022-38745
ubuntu.com/security/notices/USN-6023-1
www.cve.org/CVERecord?id=CVE-2022-38745
www.openoffice.org/security/cves/CVE-2022-38745.html