libreoffice-still

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description LibreOffice maintenance branch
Version 7.4.5-1 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2807 7.3.5-3 7.3.6-1 Unknown Fixed
AVG-2784 7.2.6-3 7.2.7-1 Unknown Fixed
AVG-1184 6.3.6-2 6.4.6-1 Medium Fixed
AVG-1010 6.1.6-2 6.2.6-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2022-26307 AVG-2784 Unknown Unknown Unknown Unknown
CVE-2022-26306 AVG-2784 Unknown Unknown Unknown Unknown
CVE-2022-26305 AVG-2784 Unknown Unknown Unknown Unknown
CVE-2022-3140 AVG-2807 Unknown Unknown Unknown
links using that scheme could be constructed to call internal macros with arbitrary arguments. Which when clicked on, or activated by document events, could...
CVE-2020-12803 AVG-1184 Medium Yes Arbitrary file overwrite
ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an...
CVE-2020-12802 AVG-1184 Low Yes Access restriction bypass
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the...
CVE-2019-9849 AVG-1010 Medium Yes Information disclosure
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the...
CVE-2019-9848 AVG-1010 High Yes Arbitrary command execution
An issue has been found in LibreOffice before 6.2.5, where documents can specify that pre-installed scripts can be executed on various document events such...

Advisories

Date Advisory Group Severity Type
16 Aug 2019 ASA-201908-9 AVG-1010 High multiple issues