Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1088698?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "type": "deb", "namespace": "debian", "name": "libreoffice", "version": "4:26.2.3.2-2", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79183?format=api", "vulnerability_id": "VCID-11vv-gd2v-2qhk", "summary": "libreoffice: Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26306.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26306.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26306", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58422", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58457", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.5847", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58456", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58446", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58465", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58439", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58492", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58498", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58515", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58495", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58476", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58507", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58512", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.5849", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26306" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118613", "reference_id": "2118613", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118613" }, { "reference_url": "https://security.archlinux.org/AVG-2783", "reference_id": "AVG-2783", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2783" }, { "reference_url": "https://security.archlinux.org/AVG-2784", "reference_id": "AVG-2784", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0089", "reference_id": "RHSA-2023:0089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0089" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0304", "reference_id": "RHSA-2023:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0304" }, { "reference_url": "https://usn.ubuntu.com/5661-1/", "reference_id": "USN-5661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5661-1/" }, { "reference_url": "https://usn.ubuntu.com/5694-1/", "reference_id": "USN-5694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928436?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928439?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.3.3~rc1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.3.3~rc1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-26306" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-11vv-gd2v-2qhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86605?format=api", "vulnerability_id": "VCID-135z-ajc9-buhx", "summary": "libreoffice: Memory corruption when parsing invalid PLCF data by processing certain DOC files", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2189.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2189.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2189", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79039", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79046", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79072", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79057", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79081", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79089", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79113", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79099", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79117", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79115", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79146", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79153", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79169", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79181", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79202", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2189" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2189", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2189" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=988834", "reference_id": "988834", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=988834" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928405?format=api", "purl": "pkg:deb/debian/libreoffice@1:3.4.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:3.4.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-2189" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-135z-ajc9-buhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48798?format=api", "vulnerability_id": "VCID-15h8-ucrr-kqbb", "summary": "A vulnerability in OpenOffice Impress could cause memory\n corruption.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1513", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01117", "scoring_system": "epss", "scoring_elements": "0.78336", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01117", "scoring_system": "epss", "scoring_elements": "0.78311", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01117", "scoring_system": "epss", "scoring_elements": "0.7816", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01117", "scoring_system": "epss", "scoring_elements": "0.78169", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01117", "scoring_system": "epss", "scoring_elements": "0.78199", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01117", "scoring_system": "epss", "scoring_elements": "0.78181", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01117", "scoring_system": "epss", "scoring_elements": "0.78208", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01117", "scoring_system": "epss", "scoring_elements": "0.78213", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01117", "scoring_system": "epss", "scoring_elements": "0.78239", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01117", "scoring_system": "epss", "scoring_elements": "0.78222", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01117", "scoring_system": "epss", "scoring_elements": "0.78218", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01117", "scoring_system": "epss", "scoring_elements": "0.7825", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01117", "scoring_system": "epss", "scoring_elements": "0.78248", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01117", "scoring_system": "epss", "scoring_elements": "0.78244", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01117", "scoring_system": "epss", "scoring_elements": "0.78276", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01117", "scoring_system": "epss", "scoring_elements": "0.78282", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01117", "scoring_system": "epss", "scoring_elements": "0.78298", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1513" }, { "reference_url": "https://bz.apache.org/ooo/show_bug.cgi?id=127045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bz.apache.org/ooo/show_bug.cgi?id=127045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1513", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1513" }, { "reference_url": "http://www.openoffice.org/security/cves/CVE-2016-1513.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openoffice.org/security/cves/CVE-2016-1513.html" }, { "reference_url": "http://www.securityfocus.com/bid/92079", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/92079" }, { "reference_url": "http://www.securitytracker.com/id/1036443", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036443" }, { "reference_url": "http://www.talosintelligence.com/reports/TALOS-2016-0051/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.talosintelligence.com/reports/TALOS-2016-0051/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3046-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-3046-1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1513", "reference_id": "CVE-2016-1513", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1513" }, { "reference_url": "https://security.gentoo.org/glsa/201703-01", "reference_id": "GLSA-201703-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201703-01" }, { "reference_url": "https://usn.ubuntu.com/3046-1/", "reference_id": "USN-3046-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3046-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928419?format=api", "purl": "pkg:deb/debian/libreoffice@1:4.3.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:4.3.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-1513" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-15h8-ucrr-kqbb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60132?format=api", "vulnerability_id": "VCID-1981-p3m3-sfhe", "summary": "Multiple vulnerabilities have been found in LibreOffice, the worst of which could result in user-assisted code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6185.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6185.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6185", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.78978", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79013", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79044", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79028", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79018", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79046", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79043", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79041", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79075", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79081", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79096", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79108", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79004", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.78989", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.7902", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01439", "scoring_system": "epss", "scoring_elements": "0.80827", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6186", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6186" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254003", "reference_id": "2254003", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254003" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/cve-2023-6185", "reference_id": "cve-2023-6185", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-12-20T16:47:31Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2023-6185" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5574", "reference_id": "dsa-5574", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-12-20T16:47:31Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5574" }, { "reference_url": "https://security.gentoo.org/glsa/202402-29", "reference_id": "GLSA-202402-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-29" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html", "reference_id": "msg00026.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-12-20T16:47:31Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/", "reference_id": "QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-12-20T16:47:31Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1423", "reference_id": "RHSA-2024:1423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1425", "reference_id": "RHSA-2024:1425", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1425" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1427", "reference_id": "RHSA-2024:1427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1473", "reference_id": "RHSA-2024:1473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1480", "reference_id": "RHSA-2024:1480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1512", "reference_id": "RHSA-2024:1512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1513", "reference_id": "RHSA-2024:1513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1514", "reference_id": "RHSA-2024:1514", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1514" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3304", "reference_id": "RHSA-2024:3304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3835", "reference_id": "RHSA-2024:3835", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3835" }, { "reference_url": "https://usn.ubuntu.com/6546-1/", "reference_id": "USN-6546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6546-1/" }, { "reference_url": "https://usn.ubuntu.com/6546-2/", "reference_id": "USN-6546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928447?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u8%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928446?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928448?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.6.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.6.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-6185" ], "risk_score": 3.8, "exploitability": "0.5", "weighted_severity": "7.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1981-p3m3-sfhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81242?format=api", "vulnerability_id": "VCID-1vte-fcdx-nfcd", "summary": "libreoffice: crash recovered MSOffice encrypted documents defaulted to not to using encryption on next save", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12801.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12801.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12801", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40235", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.39808", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40087", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.39952", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.39872", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.39743", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40259", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40182", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40234", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40245", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40256", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40218", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40199", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40247", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40217", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.4014", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.39967", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12801" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137844", "reference_id": "2137844", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137844" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12801", "reference_id": "CVE-2020-12801", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T15:37:49Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12801" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T15:37:49Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00011.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html", "reference_id": "msg00026.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T15:37:49Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" }, { "reference_url": "https://usn.ubuntu.com/5694-1/", "reference_id": "USN-5694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928431?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.4.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.4.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-12801" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1vte-fcdx-nfcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76364?format=api", "vulnerability_id": "VCID-1ykj-3m3w-1fez", "summary": "libreoffice: create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3044.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3044.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3044", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.85007", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84913", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84934", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84935", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84933", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84958", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84966", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84982", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84852", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.8487", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84872", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84895", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84902", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.8492", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84919", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3044" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3044", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3044" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280542", "reference_id": "2280542", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280542" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TU3TYDXICKPYHMCNL7ARYYBXACEAYJ4/", "reference_id": "3TU3TYDXICKPYHMCNL7ARYYBXACEAYJ4", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:55:50Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TU3TYDXICKPYHMCNL7ARYYBXACEAYJ4/" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2024-3044", "reference_id": "CVE-2024-3044", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:55:50Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2024-3044" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00016.html", "reference_id": "msg00016.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:55:50Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00016.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4242", "reference_id": "RHSA-2024:4242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4755", "reference_id": "RHSA-2024:4755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4755" }, { "reference_url": "https://usn.ubuntu.com/6789-1/", "reference_id": "USN-6789-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6789-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928454?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u9?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u9%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928453?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928455?format=api", "purl": "pkg:deb/debian/libreoffice@4:24.2.3~rc1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:24.2.3~rc1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-3044" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1ykj-3m3w-1fez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84448?format=api", "vulnerability_id": "VCID-2hqv-dn95-vqd5", "summary": "libreoffice: heap-based buffer overflow related to the ReadJPEG function", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8358.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-8358.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8358", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66208", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66376", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66357", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66356", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66333", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66249", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66275", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66245", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66293", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66306", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66326", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66313", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66282", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66316", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66332", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66318", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66342", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-8358" }, { "reference_url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=889", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=889" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/LibreOffice/core/commit/6e6e54f944a5ebb49e9110bdeff844d00a96c56c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/LibreOffice/core/commit/6e6e54f944a5ebb49e9110bdeff844d00a96c56c" }, { "reference_url": "http://www.securityfocus.com/bid/98395", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/98395" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1447279", "reference_id": "1447279", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1447279" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8358", "reference_id": "CVE-2017-8358", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8358" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928423?format=api", "purl": "pkg:deb/debian/libreoffice@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-8358" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2hqv-dn95-vqd5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47712?format=api", "vulnerability_id": "VCID-2p1p-4t4u-kyd8", "summary": "Multiple vulnerabilities have been found in both LibreOffice and\n OpenOffice allowing remote attackers to execute arbitrary code or cause\n Denial of Service.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144836.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-November/144836.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9093.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9093.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9093", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03334", "scoring_system": "epss", "scoring_elements": "0.8736", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.03334", "scoring_system": "epss", "scoring_elements": "0.87239", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03334", "scoring_system": "epss", "scoring_elements": "0.87249", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03334", "scoring_system": "epss", "scoring_elements": "0.87265", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03334", "scoring_system": "epss", "scoring_elements": "0.87262", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03334", "scoring_system": "epss", "scoring_elements": "0.87281", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03334", "scoring_system": "epss", "scoring_elements": "0.87289", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03334", "scoring_system": "epss", "scoring_elements": "0.87302", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03334", "scoring_system": "epss", "scoring_elements": "0.87297", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03334", "scoring_system": "epss", "scoring_elements": "0.87292", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03334", "scoring_system": "epss", "scoring_elements": "0.87307", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03334", "scoring_system": "epss", "scoring_elements": "0.87311", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03334", "scoring_system": "epss", "scoring_elements": "0.87305", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03334", "scoring_system": "epss", "scoring_elements": "0.87321", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03334", "scoring_system": "epss", "scoring_elements": "0.87328", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03334", "scoring_system": "epss", "scoring_elements": "0.8733", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03334", "scoring_system": "epss", "scoring_elements": "0.87347", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9093" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=86449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=86449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9093", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9093" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3163", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3163" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/11/19/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/11/19/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/11/26/7", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/11/26/7" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2578-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2578-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1165737", "reference_id": "1165737", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1165737" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771163", "reference_id": "771163", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771163" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9093", "reference_id": "CVE-2014-9093", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9093" }, { "reference_url": "https://security.gentoo.org/glsa/201603-05", "reference_id": "GLSA-201603-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-05" }, { "reference_url": "https://usn.ubuntu.com/2578-1/", "reference_id": "USN-2578-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2578-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928413?format=api", "purl": "pkg:deb/debian/libreoffice@1:4.3.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:4.3.3-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-9093" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2p1p-4t4u-kyd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79727?format=api", "vulnerability_id": "VCID-3kcp-zzcm-kfc9", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00040.html" }, { "reference_url": "http://packetstormsecurity.com/files/156474/Open-Xchange-App-Suite-Documents-Server-Side-Request-Forgery.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://packetstormsecurity.com/files/156474/Open-Xchange-App-Suite-Documents-Server-Side-Request-Forgery.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9853.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9853.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9853", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52485", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52541", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52583", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52547", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52488", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52531", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52558", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52524", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52577", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.5257", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52621", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52605", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.5259", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52629", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52637", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52622", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52573", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9853" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9850", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9850" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9851", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9851" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9853", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9853" }, { "reference_url": "http://seclists.org/fulldisclosure/2020/Feb/23", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2020/Feb/23" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.apache.org/thread.html/19c917f7c8a0d8f62142046fabfe3e2c7d6091ef1f92b99c6e79e24e%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/19c917f7c8a0d8f62142046fabfe3e2c7d6091ef1f92b99c6e79e24e%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/27339e8a9a1e9bb47fbdb939b338256d0356250a1974aaf4d774f683%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/27339e8a9a1e9bb47fbdb939b338256d0356250a1974aaf4d774f683%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/306a374361891eb17c6cffc99c3d7be1d3152a99c839d4231edc1631%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/306a374361891eb17c6cffc99c3d7be1d3152a99c839d4231edc1631%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/3a5570ca5cd14ad08e24684c71cfeff3a507f108fe3cf30ba4f58226%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/3a5570ca5cd14ad08e24684c71cfeff3a507f108fe3cf30ba4f58226%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/4ae0e6e52600f408d943ded079d314733ce188b04b04471464f89c4f%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/4ae0e6e52600f408d943ded079d314733ce188b04b04471464f89c4f%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/70da9481dca267405e1d79e53942264765ef3f55c9a563c3737e3926%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/70da9481dca267405e1d79e53942264765ef3f55c9a563c3737e3926%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/9dc85d9937ad7f101047c53f78c00e8ceb135eaeff7dcf4724b46f2c%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/9dc85d9937ad7f101047c53f78c00e8ceb135eaeff7dcf4724b46f2c%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/a5231ad45b030b54828c7b0b62a7e7d4b48481c7cb83ff628e07fa43%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/a5231ad45b030b54828c7b0b62a7e7d4b48481c7cb83ff628e07fa43%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/a540d1b6f9a7ebb206adba02839f654a6ee63a7b0976f559a847e49a%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/a540d1b6f9a7ebb206adba02839f654a6ee63a7b0976f559a847e49a%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ca216900abd846f0220fe18b95f9f787bdbe0e87fa4eee822073cd69%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/ca216900abd846f0220fe18b95f9f787bdbe0e87fa4eee822073cd69%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQGBRSD73KTDZ2MPAOL7FBWO3SQVYE5B/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQGBRSD73KTDZ2MPAOL7FBWO3SQVYE5B/" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9853/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9853/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797466", "reference_id": "1797466", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797466" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9853", "reference_id": "CVE-2019-9853", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1151", "reference_id": "RHSA-2020:1151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1598", "reference_id": "RHSA-2020:1598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1598" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928429?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.3.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.3.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9853" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3kcp-zzcm-kfc9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97697?format=api", "vulnerability_id": "VCID-4kzn-nb3d-e3c8", "summary": "Improper Certificate Validation vulnerability in LibreOffice \"LibreOfficeKit\" mode disables TLS certification verification\n\nLibreOfficeKit can be used for accessing LibreOffice functionality \nthrough C/C++. Typically this is used by third party components to reuse\n LibreOffice as a library to convert, view or otherwise interact with \ndocuments.\n\nLibreOffice internally makes use of \"curl\" to fetch remote resources such as images hosted on webservers.\n\nIn\n affected versions of LibreOffice, when used in LibreOfficeKit mode \nonly, then curl's TLS certification verification was disabled \n(CURLOPT_SSL_VERIFYPEER of false)\n\nIn the fixed versions curl operates in LibreOfficeKit mode the same as in standard mode with CURLOPT_SSL_VERIFYPEER of true.\n\nThis issue affects LibreOffice before version 24.2.4.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5261", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67387", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67365", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67366", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67342", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67272", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67295", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67273", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67324", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67337", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67358", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67345", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.6731", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67357", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67335", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00532", "scoring_system": "epss", "scoring_elements": "0.67355", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5261" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/cve-2024-5261", "reference_id": "cve-2024-5261", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-25T13:27:12Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2024-5261" }, { "reference_url": "https://usn.ubuntu.com/6877-1/", "reference_id": "USN-6877-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6877-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928423?format=api", "purl": "pkg:deb/debian/libreoffice@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928456?format=api", "purl": "pkg:deb/debian/libreoffice@4:24.2.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:24.2.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-5261" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4kzn-nb3d-e3c8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83227?format=api", "vulnerability_id": "VCID-4y7m-x49j-f3gg", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12608.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12608.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12608", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01141", "scoring_system": "epss", "scoring_elements": "0.78371", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01141", "scoring_system": "epss", "scoring_elements": "0.78431", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01141", "scoring_system": "epss", "scoring_elements": "0.78377", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01141", "scoring_system": "epss", "scoring_elements": "0.78408", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01141", "scoring_system": "epss", "scoring_elements": "0.78391", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01141", "scoring_system": "epss", "scoring_elements": "0.78418", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01141", "scoring_system": "epss", "scoring_elements": "0.78423", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01141", "scoring_system": "epss", "scoring_elements": "0.78449", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01141", "scoring_system": "epss", "scoring_elements": "0.78424", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01151", "scoring_system": "epss", "scoring_elements": "0.78577", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01151", "scoring_system": "epss", "scoring_elements": "0.78593", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01151", "scoring_system": "epss", "scoring_elements": "0.78618", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01815", "scoring_system": "epss", "scoring_elements": "0.82906", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01815", "scoring_system": "epss", "scoring_elements": "0.82915", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01815", "scoring_system": "epss", "scoring_elements": "0.82884", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01815", "scoring_system": "epss", "scoring_elements": "0.82883", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01815", "scoring_system": "epss", "scoring_elements": "0.82882", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12608" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12607", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12607" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12608", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12608" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00017.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00017.html" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-4022" }, { "reference_url": "https://www.openoffice.org/security/cves/CVE-2017-12608.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.openoffice.org/security/cves/CVE-2017-12608.html" }, { "reference_url": "http://www.securityfocus.com/bid/101585", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101585" }, { "reference_url": "http://www.securitytracker.com/id/1039733", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039733" }, { "reference_url": "http://www.securitytracker.com/id/1039735", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039735" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1507806", "reference_id": "1507806", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1507806" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12608", "reference_id": "CVE-2017-12608", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12608" }, { "reference_url": "https://usn.ubuntu.com/3472-1/", "reference_id": "USN-3472-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3472-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928421?format=api", "purl": "pkg:deb/debian/libreoffice@1:5.0.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:5.0.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-12608" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4y7m-x49j-f3gg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36606?format=api", "vulnerability_id": "VCID-5j4w-jaa8-7kae", "summary": "Multiple vulnerabilities have been found in OpenOffice and\n LibreOffice, the worst of which may result in execution of arbitrary code.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135020.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2014-07/msg00006.html" }, { "reference_url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0247.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-0247.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0377.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0377.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0247.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0247.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0247", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06607", "scoring_system": "epss", "scoring_elements": "0.91245", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.06607", "scoring_system": "epss", "scoring_elements": "0.91126", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06607", "scoring_system": "epss", "scoring_elements": "0.91131", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06607", "scoring_system": "epss", "scoring_elements": "0.91139", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06607", "scoring_system": "epss", "scoring_elements": "0.91147", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06607", "scoring_system": "epss", "scoring_elements": "0.9116", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06607", "scoring_system": "epss", "scoring_elements": "0.91166", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06607", "scoring_system": "epss", "scoring_elements": "0.91174", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06607", "scoring_system": "epss", "scoring_elements": "0.91176", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06607", "scoring_system": "epss", "scoring_elements": "0.912", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06607", "scoring_system": "epss", "scoring_elements": "0.91203", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06607", "scoring_system": "epss", "scoring_elements": "0.91216", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.06607", "scoring_system": "epss", "scoring_elements": "0.91214", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.06607", "scoring_system": "epss", "scoring_elements": "0.91213", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.06607", "scoring_system": "epss", "scoring_elements": "0.91227", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0247" }, { "reference_url": "https://bugs.mageia.org/show_bug.cgi?id=13580", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.mageia.org/show_bug.cgi?id=13580" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0247", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0247" }, { "reference_url": "http://secunia.com/advisories/57383", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/57383" }, { "reference_url": "http://secunia.com/advisories/59330", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59330" }, { "reference_url": "http://secunia.com/advisories/60799", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/60799" }, { "reference_url": "https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=blobdiff%3Bf=sfx2/source/doc/docmacromode.cxx%3Bh=4d4ae52b4339582a039744d03671c1db0633d6c3%3Bhp=2108d1920f8148ff60fd4a57684f295d6d733e7b%3Bhb=1b0402f87c9b17fef2141130bfaa1798ece6ba0d%3Bhpb=4d2113250fa7ed62fe2c53ed0f76e3de5875cb81", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gerrit.libreoffice.org/gitweb?p=core.git%3Ba=blobdiff%3Bf=sfx2/source/doc/docmacromode.cxx%3Bh=4d4ae52b4339582a039744d03671c1db0633d6c3%3Bhp=2108d1920f8148ff60fd4a57684f295d6d733e7b%3Bhb=1b0402f87c9b17fef2141130bfaa1798ece6ba0d%3Bhpb=4d2113250fa7ed62fe2c53ed0f76e3de5875cb81" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/cve-2014-0247/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2014-0247/" }, { "reference_url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.gentoo.org/security/en/glsa/glsa-201408-19.xml" }, { "reference_url": "http://www.securityfocus.com/bid/68151", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/68151" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2253-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2253-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1111083", "reference_id": "1111083", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1111083" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0247", "reference_id": "CVE-2014-0247", "reference_type": "", "scores": [ { "value": "10.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0247" }, { "reference_url": "https://security.gentoo.org/glsa/201408-19", "reference_id": "GLSA-201408-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0377", "reference_id": "RHSA-2015:0377", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0377" }, { "reference_url": "https://usn.ubuntu.com/2253-1/", "reference_id": "USN-2253-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2253-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928411?format=api", "purl": "pkg:deb/debian/libreoffice@1:4.2.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:4.2.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-0247" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5j4w-jaa8-7kae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79728?format=api", "vulnerability_id": "VCID-5rdw-edhu-qbhf", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9854.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9854.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9854", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00671", "scoring_system": "epss", "scoring_elements": "0.71472", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73276", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73418", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73416", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73412", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73286", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.7331", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73282", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73318", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73331", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73355", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73335", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73327", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.7337", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73378", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73371", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73405", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9854" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XQKKOIY2DMZCXJINOLIQXD2NWISDKK3N/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XQKKOIY2DMZCXJINOLIQXD2NWISDKK3N/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Sep/17", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Sep/17" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4519" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1769907", "reference_id": "1769907", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1769907" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9854", "reference_id": "CVE-2019-9854", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1151", "reference_id": "RHSA-2020:1151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1598", "reference_id": "RHSA-2020:1598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1598" }, { "reference_url": "https://usn.ubuntu.com/4138-1/", "reference_id": "USN-4138-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4138-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928430?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.3.1~rc2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.3.1~rc2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9854" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5rdw-edhu-qbhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84453?format=api", "vulnerability_id": "VCID-6zer-5gyz-d7aa", "summary": "libreoffice: Heap-buffer-overflow in HWPFile::TagsRead", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7882.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7882.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7882", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79011", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79172", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79115", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79122", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79138", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.7915", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79017", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79044", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79028", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79053", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79059", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79084", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79069", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79087", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01219", "scoring_system": "epss", "scoring_elements": "0.79082", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7882" }, { "reference_url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=860" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/LibreOffice/core/commit/65dcd1d8195069c8c8acb3a188b8e5616c51029c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/LibreOffice/core/commit/65dcd1d8195069c8c8acb3a188b8e5616c51029c" }, { "reference_url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7882/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7882/" }, { "reference_url": "http://www.securityfocus.com/bid/97684", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/97684" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444056", "reference_id": "1444056", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444056" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7882", "reference_id": "CVE-2017-7882", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7882" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928423?format=api", "purl": "pkg:deb/debian/libreoffice@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7882" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6zer-5gyz-d7aa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50388?format=api", "vulnerability_id": "VCID-71cy-5hgf-skdr", "summary": "Multiple vulnerabilities have been found in LibreOffice, the worst\n of which allows for the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10327.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10327.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10327", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69563", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69745", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69721", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69727", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69701", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69576", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69591", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.6957", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69621", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69637", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69659", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69644", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.6963", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69671", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.6968", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69661", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69713", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10327" }, { "reference_url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=313", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=313" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10327", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10327" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/LibreOffice/core/commit/7485fc2a1484f31631f62f97e5c64c0ae74c6416", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/LibreOffice/core/commit/7485fc2a1484f31631f62f97e5c64c0ae74c6416" }, { "reference_url": "http://www.libreoffice.org/about-us/security/advisories/cve-2016-10327/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2016-10327/" }, { "reference_url": "http://www.securityfocus.com/bid/97668", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/97668" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444053", "reference_id": "1444053", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444053" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:*:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10327", "reference_id": "CVE-2016-10327", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10327" }, { "reference_url": "https://security.gentoo.org/glsa/201706-28", "reference_id": "GLSA-201706-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201706-28" }, { "reference_url": "https://usn.ubuntu.com/3273-1/", "reference_id": "USN-3273-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3273-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928418?format=api", "purl": "pkg:deb/debian/libreoffice@1:5.2.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:5.2.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-10327" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-71cy-5hgf-skdr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47713?format=api", "vulnerability_id": "VCID-7du8-skt4-dkew", "summary": "Multiple vulnerabilities have been found in both LibreOffice and\n OpenOffice allowing remote attackers to execute arbitrary code or cause\n Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1774.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1774.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1774", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09725", "scoring_system": "epss", "scoring_elements": "0.92912", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.09725", "scoring_system": "epss", "scoring_elements": "0.9292", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09725", "scoring_system": "epss", "scoring_elements": "0.92924", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.09725", "scoring_system": "epss", "scoring_elements": "0.92931", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.09725", "scoring_system": "epss", "scoring_elements": "0.92936", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.09725", "scoring_system": "epss", "scoring_elements": "0.92941", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.09725", "scoring_system": "epss", "scoring_elements": "0.92939", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.09725", "scoring_system": "epss", "scoring_elements": "0.9294", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.09725", "scoring_system": "epss", "scoring_elements": "0.9295", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.09725", "scoring_system": "epss", "scoring_elements": "0.92952", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.09725", "scoring_system": "epss", "scoring_elements": "0.92959", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.09725", "scoring_system": "epss", "scoring_elements": "0.92961", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.09725", "scoring_system": "epss", "scoring_elements": "0.92963", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.09725", "scoring_system": "epss", "scoring_elements": "0.92967", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.09725", "scoring_system": "epss", "scoring_elements": "0.92982", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1774" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216042", "reference_id": "1216042", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216042" }, { "reference_url": "https://security.gentoo.org/glsa/201603-05", "reference_id": "GLSA-201603-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1458", "reference_id": "RHSA-2015:1458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1458" }, { "reference_url": "https://usn.ubuntu.com/2578-1/", "reference_id": "USN-2578-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2578-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928414?format=api", "purl": "pkg:deb/debian/libreoffice@1:4.4.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:4.4.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-1774" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7du8-skt4-dkew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60133?format=api", "vulnerability_id": "VCID-7y9n-6x5a-k3eg", "summary": "Multiple vulnerabilities have been found in LibreOffice, the worst of which could result in user-assisted code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6186.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6186.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6186", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00988", "scoring_system": "epss", "scoring_elements": "0.76957", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.7785", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77878", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77859", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77886", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77891", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77918", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77902", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01287", "scoring_system": "epss", "scoring_elements": "0.79663", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01287", "scoring_system": "epss", "scoring_elements": "0.79662", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01287", "scoring_system": "epss", "scoring_elements": "0.79666", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01287", "scoring_system": "epss", "scoring_elements": "0.79696", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01287", "scoring_system": "epss", "scoring_elements": "0.79703", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01287", "scoring_system": "epss", "scoring_elements": "0.79718", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01287", "scoring_system": "epss", "scoring_elements": "0.79734", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6186" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6186", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6186" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254005", "reference_id": "2254005", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254005" }, { "reference_url": "https://security.gentoo.org/glsa/202402-29", "reference_id": "GLSA-202402-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-29" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1423", "reference_id": "RHSA-2024:1423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1425", "reference_id": "RHSA-2024:1425", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1425" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1427", "reference_id": "RHSA-2024:1427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1473", "reference_id": "RHSA-2024:1473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1480", "reference_id": "RHSA-2024:1480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1512", "reference_id": "RHSA-2024:1512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1513", "reference_id": "RHSA-2024:1513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1514", "reference_id": "RHSA-2024:1514", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1514" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3835", "reference_id": "RHSA-2024:3835", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3835" }, { "reference_url": "https://usn.ubuntu.com/6546-1/", "reference_id": "USN-6546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6546-1/" }, { "reference_url": "https://usn.ubuntu.com/6546-2/", "reference_id": "USN-6546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928447?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u8%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928446?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928449?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.6.4~rc1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.6.4~rc1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-6186" ], "risk_score": 3.8, "exploitability": "0.5", "weighted_severity": "7.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7y9n-6x5a-k3eg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83226?format=api", "vulnerability_id": "VCID-886d-gwa2-6bcf", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12607.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12607.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12607", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00626", "scoring_system": "epss", "scoring_elements": "0.70295", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00626", "scoring_system": "epss", "scoring_elements": "0.70279", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00626", "scoring_system": "epss", "scoring_elements": "0.70253", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74702", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74677", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74709", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74723", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74673", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74747", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74726", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74717", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74676", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00991", "scoring_system": "epss", "scoring_elements": "0.76928", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00991", "scoring_system": "epss", "scoring_elements": "0.76933", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00991", "scoring_system": "epss", "scoring_elements": "0.76925", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00991", "scoring_system": "epss", "scoring_elements": "0.76958", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00991", "scoring_system": "epss", "scoring_elements": "0.76966", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12607" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12607", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12607" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12608", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12608" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00017.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2017/12/msg00017.html" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-4022" }, { "reference_url": "https://www.openoffice.org/security/cves/CVE-2017-12607.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.openoffice.org/security/cves/CVE-2017-12607.html" }, { "reference_url": "http://www.securityfocus.com/bid/101585", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101585" }, { "reference_url": "http://www.securitytracker.com/id/1039732", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039732" }, { "reference_url": "http://www.securitytracker.com/id/1039734", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039734" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1507805", "reference_id": "1507805", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1507805" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12607", "reference_id": "CVE-2017-12607", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12607" }, { "reference_url": "https://usn.ubuntu.com/3472-1/", "reference_id": "USN-3472-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3472-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928421?format=api", "purl": "pkg:deb/debian/libreoffice@1:5.0.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:5.0.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-12607" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-886d-gwa2-6bcf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210863?format=api", "vulnerability_id": "VCID-8yqv-n1gc-tqaz", "summary": "LibreOffice is typically bundled with LibreLogo, a programmable turtle vector graphics script, which can execute arbitrary python commands contained with the document it is launched from. LibreOffice also has a feature where documents can specify that pre-installed scripts can be executed on various document script events such as mouse-over, etc. Protection was added to block calling LibreLogo from script event handers. However a Windows 8.3 path equivalence handling flaw left LibreOffice vulnerable under Windows that a document could trigger executing LibreLogo via a Windows filename pseudonym. This issue affects: Document Foundation LibreOffice 6.2 versions prior to 6.2.7; 6.3 versions prior to 6.3.1.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9855", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63104", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63057", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.62944", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63003", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63031", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.62996", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63047", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63062", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.6308", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63066", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63044", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63087", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.63101", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00437", "scoring_system": "epss", "scoring_elements": "0.631", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9855" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9855/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9855/" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9855", "reference_id": "CVE-2019-9855", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9855" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928423?format=api", "purl": "pkg:deb/debian/libreoffice@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9855" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8yqv-n1gc-tqaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79644?format=api", "vulnerability_id": "VCID-91c1-yujx-zbft", "summary": "libreoffice: Incorrect trust validation of signature with ambiguous KeyInfo children", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25636.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25636.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25636", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38994", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.3918", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39202", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39121", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39176", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39192", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39152", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39115", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39095", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.3915", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.3912", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39032", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38823", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.388", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38717", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38593", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38666", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25636" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25636", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25636" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056955", "reference_id": "2056955", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7461", "reference_id": "RHSA-2022:7461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7461" }, { "reference_url": "https://usn.ubuntu.com/5330-1/", "reference_id": "USN-5330-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5330-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928436?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928435?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.3.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.3.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-25636" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-91c1-yujx-zbft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36605?format=api", "vulnerability_id": "VCID-acx5-dxzt-nqap", "summary": "Multiple vulnerabilities have been found in OpenOffice and\n LibreOffice, the worst of which may result in execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2665.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2665.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2665", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05023", "scoring_system": "epss", "scoring_elements": "0.89691", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05023", "scoring_system": "epss", "scoring_elements": "0.89694", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05023", "scoring_system": "epss", "scoring_elements": "0.89709", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05023", "scoring_system": "epss", "scoring_elements": "0.89711", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05023", "scoring_system": "epss", "scoring_elements": "0.89729", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05023", "scoring_system": "epss", "scoring_elements": "0.89735", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05023", "scoring_system": "epss", "scoring_elements": "0.89742", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05023", "scoring_system": "epss", "scoring_elements": "0.89741", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05023", "scoring_system": "epss", "scoring_elements": "0.89734", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05023", "scoring_system": "epss", "scoring_elements": "0.8975", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05023", "scoring_system": "epss", "scoring_elements": "0.89745", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05023", "scoring_system": "epss", "scoring_elements": "0.89759", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.05023", "scoring_system": "epss", "scoring_elements": "0.89761", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.05023", "scoring_system": "epss", "scoring_elements": "0.8976", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.05023", "scoring_system": "epss", "scoring_elements": "0.89773", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.05023", "scoring_system": "epss", "scoring_elements": "0.89788", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2665" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2665" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=826077", "reference_id": "826077", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=826077" }, { "reference_url": "https://security.gentoo.org/glsa/201209-05", "reference_id": "GLSA-201209-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201209-05" }, { "reference_url": "https://security.gentoo.org/glsa/201408-19", "reference_id": "GLSA-201408-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1135", "reference_id": "RHSA-2012:1135", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1136", "reference_id": "RHSA-2012:1136", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1136" }, { "reference_url": "https://usn.ubuntu.com/1536-1/", "reference_id": "USN-1536-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1536-1/" }, { "reference_url": "https://usn.ubuntu.com/1537-1/", "reference_id": "USN-1537-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1537-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928408?format=api", "purl": "pkg:deb/debian/libreoffice@1:3.5.4-7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:3.5.4-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-2665" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-acx5-dxzt-nqap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80006?format=api", "vulnerability_id": "VCID-b13x-6q14-gfau", "summary": "libreoffice: Timestamp Manipulation with Signature Wrapping", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25634.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25634.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25634", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.6095", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61027", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61056", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61021", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.6107", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61086", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61107", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61093", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61074", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61116", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61122", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61106", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61095", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.611", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61048", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61097", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25634" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013151", "reference_id": "2013151", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1766", "reference_id": "RHSA-2022:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1766" }, { "reference_url": "https://usn.ubuntu.com/5153-1/", "reference_id": "USN-5153-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5153-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928434?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928433?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.2.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.2.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-25634" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b13x-6q14-gfau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93499?format=api", "vulnerability_id": "VCID-b79q-fg8n-vbf8", "summary": "When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs. In this case OpenOffice runs into an Arithmetic Overflow at a string length calculation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11790", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.66061", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.66015", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.65896", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.65937", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.65967", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.65934", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.65985", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.65997", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.66016", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.66003", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.65972", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.66008", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.66021", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.66009", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.66028", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.66039", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.66038", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-11790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11790" }, { "reference_url": "https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://www.openoffice.org/security/cves/CVE-2018-11790.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.openoffice.org/security/cves/CVE-2018-11790.html" }, { "reference_url": "http://www.securityfocus.com/bid/106803", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106803" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11790", "reference_id": "CVE-2018-11790", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11790" }, { "reference_url": "https://usn.ubuntu.com/3883-1/", "reference_id": "USN-3883-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3883-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928426?format=api", "purl": "pkg:deb/debian/libreoffice@1:4.0.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:4.0.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-11790" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b79q-fg8n-vbf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47714?format=api", "vulnerability_id": "VCID-by33-ugtg-47hx", "summary": "Multiple vulnerabilities have been found in both LibreOffice and\n OpenOffice allowing remote attackers to execute arbitrary code or cause\n Denial of Service.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4551.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4551.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4551", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.096", "scoring_system": "epss", "scoring_elements": "0.92917", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.096", "scoring_system": "epss", "scoring_elements": "0.92852", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.096", "scoring_system": "epss", "scoring_elements": "0.92859", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.096", "scoring_system": "epss", "scoring_elements": "0.92863", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.096", "scoring_system": "epss", "scoring_elements": "0.9286", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.096", "scoring_system": "epss", "scoring_elements": "0.92869", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.096", "scoring_system": "epss", "scoring_elements": "0.92873", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.096", "scoring_system": "epss", "scoring_elements": "0.92878", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.096", "scoring_system": "epss", "scoring_elements": "0.92887", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.096", "scoring_system": "epss", "scoring_elements": "0.92889", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.096", "scoring_system": "epss", "scoring_elements": "0.92895", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.096", "scoring_system": "epss", "scoring_elements": "0.92897", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.096", "scoring_system": "epss", "scoring_elements": "0.92899", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.096", "scoring_system": "epss", "scoring_elements": "0.92903", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5212", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5212" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5213", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5213" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5214", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5214" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3394", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3394" }, { "reference_url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-4551/" }, { "reference_url": "http://www.openoffice.org/security/cves/CVE-2015-4551.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openoffice.org/security/cves/CVE-2015-4551.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/77486", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/77486" }, { "reference_url": "http://www.securitytracker.com/id/1034085", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034085" }, { "reference_url": "http://www.securitytracker.com/id/1034091", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034091" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2793-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1278812", "reference_id": "1278812", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1278812" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4551", "reference_id": "CVE-2015-4551", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4551" }, { "reference_url": "https://security.gentoo.org/glsa/201603-05", "reference_id": "GLSA-201603-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-05" }, { "reference_url": "https://security.gentoo.org/glsa/201611-03", "reference_id": "GLSA-201611-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201611-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2619", "reference_id": "RHSA-2015:2619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2619" }, { "reference_url": "https://usn.ubuntu.com/2793-1/", "reference_id": "USN-2793-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2793-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928415?format=api", "purl": "pkg:deb/debian/libreoffice@1:5.0.1~rc1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:5.0.1~rc1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-4551" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-by33-ugtg-47hx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41757?format=api", "vulnerability_id": "VCID-bywq-ypgf-xyae", "summary": "A vulnerability has been discovered in LibreOffice which could result in arbitrary script execution via crafted links.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3140.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3140.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3140", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.80004", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79967", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79981", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79841", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79862", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.7985", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79879", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79886", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79907", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.7989", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79882", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79911", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79912", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79915", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79943", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79949", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3140" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134697", "reference_id": "2134697", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134697" }, { "reference_url": "https://security.archlinux.org/AVG-2806", "reference_id": "AVG-2806", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2806" }, { "reference_url": "https://security.archlinux.org/AVG-2807", "reference_id": "AVG-2807", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2807" }, { "reference_url": "https://security.gentoo.org/glsa/202212-04", "reference_id": "GLSA-202212-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202212-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0089", "reference_id": "RHSA-2023:0089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0089" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0304", "reference_id": "RHSA-2023:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0304" }, { "reference_url": "https://usn.ubuntu.com/5694-1/", "reference_id": "USN-5694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928441?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928440?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.4.1~rc2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.4.1~rc2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-3140" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bywq-ypgf-xyae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79724?format=api", "vulnerability_id": "VCID-c1fx-u5yh-jucb", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9850.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9850.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9850", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.863", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86311", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86329", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.8633", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86347", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86357", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86371", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86369", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86363", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.8638", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86385", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86378", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86398", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86408", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86404", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86424", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86444", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9850" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9850", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9850" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9851", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9851" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9853", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9853" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744862", "reference_id": "1744862", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1151", "reference_id": "RHSA-2020:1151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1598", "reference_id": "RHSA-2020:1598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1598" }, { "reference_url": "https://usn.ubuntu.com/4102-1/", "reference_id": "USN-4102-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4102-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928429?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.3.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.3.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9850" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c1fx-u5yh-jucb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66047?format=api", "vulnerability_id": "VCID-c44v-29b9-tyd8", "summary": "LibreOffice: LibreOffice: Authentication Bypass leading to privilege escalation via bundled interpreter execution", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14714.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14714.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14714", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08421", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08458", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08474", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08394", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08465", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08484", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08478", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08443", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09969", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10118", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10027", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10004", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10089", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10032", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10133", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10109", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14714" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422247", "reference_id": "2422247", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422247" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/cve-2025-14714", "reference_id": "cve-2025-14714", "reference_type": "", "scores": [ { "value": "0.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:U" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T13:13:04Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2025-14714" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928423?format=api", "purl": "pkg:deb/debian/libreoffice@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-14714" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c44v-29b9-tyd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47711?format=api", "vulnerability_id": "VCID-drkj-da54-jfgd", "summary": "Multiple vulnerabilities have been found in both LibreOffice and\n OpenOffice allowing remote attackers to execute arbitrary code or cause\n Denial of Service.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00049.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00049.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-0377.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-0377.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3693.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3693.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3693", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0432", "scoring_system": "epss", "scoring_elements": "0.88962", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0432", "scoring_system": "epss", "scoring_elements": "0.88849", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0432", "scoring_system": "epss", "scoring_elements": "0.88858", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0432", "scoring_system": "epss", "scoring_elements": "0.88873", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0432", "scoring_system": "epss", "scoring_elements": "0.88875", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0432", "scoring_system": "epss", "scoring_elements": "0.88893", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0432", "scoring_system": "epss", "scoring_elements": "0.88899", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0432", "scoring_system": "epss", "scoring_elements": "0.8891", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0432", "scoring_system": "epss", "scoring_elements": "0.88905", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0432", "scoring_system": "epss", "scoring_elements": "0.88918", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0432", "scoring_system": "epss", "scoring_elements": "0.88917", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0432", "scoring_system": "epss", "scoring_elements": "0.88913", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0432", "scoring_system": "epss", "scoring_elements": "0.88929", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0432", "scoring_system": "epss", "scoring_elements": "0.88937", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0432", "scoring_system": "epss", "scoring_elements": "0.88938", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0432", "scoring_system": "epss", "scoring_elements": "0.88946", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3693" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3693", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3693" }, { "reference_url": "http://secunia.com/advisories/62111", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/62111" }, { "reference_url": "http://secunia.com/advisories/62132", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/62132" }, { "reference_url": "http://secunia.com/advisories/62396", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/62396" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2014-3693/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2014-3693/" }, { "reference_url": "http://www.securityfocus.com/bid/71351", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/71351" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2398-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2398-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1164733", "reference_id": "1164733", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1164733" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.0.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.0.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.0.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.0.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.0.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.0.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.0.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.0.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.0.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.0.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.0.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.0.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.1.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.1.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.1.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.2.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.2.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.2.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.2.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.2.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.2.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:4.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:4.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3693", "reference_id": "CVE-2014-3693", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3693" }, { "reference_url": "https://security.gentoo.org/glsa/201603-05", "reference_id": "GLSA-201603-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-05" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0377", "reference_id": "RHSA-2015:0377", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0377" }, { "reference_url": "https://usn.ubuntu.com/2398-1/", "reference_id": "USN-2398-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2398-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928412?format=api", "purl": "pkg:deb/debian/libreoffice@1:4.3.3~rc2~git20141011-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:4.3.3~rc2~git20141011-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2014-3693" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-drkj-da54-jfgd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81206?format=api", "vulnerability_id": "VCID-dt65-hb25-t7ck", "summary": "libreoffice: 'stealth mode' remote resource restrictions bypass", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12802.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12802.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12802", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60615", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60764", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60766", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60717", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.6069", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.6072", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60685", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60733", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60749", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60773", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.6076", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60741", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60783", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60788", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60774", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12802" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850226", "reference_id": "1850226", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850226" }, { "reference_url": "https://security.archlinux.org/AVG-1184", "reference_id": "AVG-1184", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4628", "reference_id": "RHSA-2020:4628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4628" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928432?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.4.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.4.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-12802" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dt65-hb25-t7ck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84566?format=api", "vulnerability_id": "VCID-e911-8nez-yfb7", "summary": "libreoffice: Arbitrary file disclosure in Calc and Writer", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3157.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3157.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3157", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.7372", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73872", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73843", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73852", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73846", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.7373", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73753", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73724", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73759", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73772", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73795", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73777", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73768", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.7381", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73817", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00785", "scoring_system": "epss", "scoring_elements": "0.73809", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-3157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3157" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2017/dsa-3792", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2017/dsa-3792" }, { "reference_url": "https://www.openoffice.org/security/cves/CVE-2017-3157.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.openoffice.org/security/cves/CVE-2017-3157.html" }, { "reference_url": "http://www.securityfocus.com/bid/96402", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96402" }, { "reference_url": "http://www.securitytracker.com/id/1037893", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037893" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1425844", "reference_id": "1425844", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1425844" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3157", "reference_id": "CVE-2017-3157", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3157" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0914", "reference_id": "RHSA-2017:0914", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0914" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0979", "reference_id": "RHSA-2017:0979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0979" }, { "reference_url": "https://usn.ubuntu.com/3210-1/", "reference_id": "USN-3210-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3210-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928422?format=api", "purl": "pkg:deb/debian/libreoffice@1:5.2.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:5.2.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-3157" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e911-8nez-yfb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80007?format=api", "vulnerability_id": "VCID-ghfh-sgdt-yybw", "summary": "libreoffice: Content Manipulation with Certificate Validation Attack", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25635.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25635.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25635", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06961", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13651", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13496", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15678", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.1578", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15584", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.1567", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15729", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15696", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15661", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15596", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15524", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15533", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15625", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15624", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15716", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25635" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013152", "reference_id": "2013152", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013152" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/cve-2021-25635/", "reference_id": "cve-2021-25635", "reference_type": "", "scores": [ { "value": "5.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:H/SI:H/SA:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-21T15:13:07Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2021-25635/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1766", "reference_id": "RHSA-2022:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1766" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928423?format=api", "purl": "pkg:deb/debian/libreoffice@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-25635" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ghfh-sgdt-yybw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86931?format=api", "vulnerability_id": "VCID-heyv-v6k9-jke9", "summary": "libreoffice: multiple null pointer dereference flaws", "references": [ { "reference_url": "http://cgit.freedesktop.org/libreoffice/binfilter/commit/?h=libreoffice-3-5-7&id=7e22ee55ffc9743692f3ddb93e59dd4427029c5b", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/libreoffice/binfilter/commit/?h=libreoffice-3-5-7&id=7e22ee55ffc9743692f3ddb93e59dd4427029c5b" }, { "reference_url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7&id=44bc6b5cac723b52df40fbef026e99b7119d8a69", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7&id=44bc6b5cac723b52df40fbef026e99b7119d8a69" }, { "reference_url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7&id=6789ec4c1a9c6af84bd62e650a03226a46365d97", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7&id=6789ec4c1a9c6af84bd62e650a03226a46365d97" }, { "reference_url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7&id=8ca9fb05c9967f11670d045886438ddfa3ac02a7", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/libreoffice/core/commit/?h=libreoffice-3-5-7&id=8ca9fb05c9967f11670d045886438ddfa3ac02a7" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00039.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00039.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00075.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2012-12/msg00075.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4233.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4233.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4233", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.85457", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.85298", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.8531", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.85329", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.8533", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.85352", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.8536", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.85375", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.85373", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.8537", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.85389", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.8539", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.85387", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.8541", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.85419", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.85417", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02511", "scoring_system": "epss", "scoring_elements": "0.85432", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-4233" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4233", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4233" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79728" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79730", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79730" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79731", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79731" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79732", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79732" }, { "reference_url": "https://www.htbridge.com/advisory/HTB23106", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.htbridge.com/advisory/HTB23106" }, { "reference_url": "http://www.debian.org/security/2012/dsa-2570", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2012/dsa-2570" }, { "reference_url": "http://www.libreoffice.org/advisories/cve-2012-4233/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.libreoffice.org/advisories/cve-2012-4233/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2012/11/02/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2012/11/02/2" }, { "reference_url": "http://www.securityfocus.com/bid/56352", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/56352" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=872350", "reference_id": "872350", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=872350" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.0:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.0:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.0:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.0:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.0:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.0:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.0:rc3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.0:rc3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.0:rc3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.1:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.1:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.1:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.1:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.1:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.1:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.2:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.2:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.2:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.2:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.2:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.2:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.3:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.3:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.3:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.3:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.3:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.3:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.4:rc2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.4:rc2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.4:rc2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.:rc1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:3.5.:rc1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:3.5.:rc1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:openoffice.org:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sun:openoffice.org:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sun:openoffice.org:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4233", "reference_id": "CVE-2012-4233", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4233" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928409?format=api", "purl": "pkg:deb/debian/libreoffice@1:3.5.4%2Bdfsg-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:3.5.4%252Bdfsg-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-4233" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-heyv-v6k9-jke9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79181?format=api", "vulnerability_id": "VCID-hnaa-96w8-3uhu", "summary": "libreoffice: Execution of Untrusted Macros Due to Improper Certificate Validation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26305.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26305.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26305", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72229", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72214", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72209", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.722", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72088", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72109", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72085", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72122", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72134", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72157", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72141", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72127", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72168", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72176", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72162", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72205", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26305" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118611", "reference_id": "2118611", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118611" }, { "reference_url": "https://security.archlinux.org/AVG-2783", "reference_id": "AVG-2783", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2783" }, { "reference_url": "https://security.archlinux.org/AVG-2784", "reference_id": "AVG-2784", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0089", "reference_id": "RHSA-2023:0089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0089" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0304", "reference_id": "RHSA-2023:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0304" }, { "reference_url": "https://usn.ubuntu.com/5661-1/", "reference_id": "USN-5661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5661-1/" }, { "reference_url": "https://usn.ubuntu.com/5694-1/", "reference_id": "USN-5694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928436?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928438?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.3.2~rc2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.3.2~rc2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-26305" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hnaa-96w8-3uhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78551?format=api", "vulnerability_id": "VCID-jew4-uq9k-93b3", "summary": "libreoffice: Empty entry in Java class path", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38745.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38745.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38745", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.289", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28851", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28813", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28773", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28707", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.31811", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32092", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.31968", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.31886", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.31739", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32349", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32311", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32283", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.3232", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32296", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32267", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38745" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182044", "reference_id": "2182044", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182044" }, { "reference_url": "https://www.openoffice.org/security/cves/CVE-2022-38745.html", "reference_id": "CVE-2022-38745.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-13T14:37:34Z/" } ], "url": "https://www.openoffice.org/security/cves/CVE-2022-38745.html" }, { "reference_url": "https://lists.apache.org/thread/q3noq7m681kvtb29m28x74q8cnwnzzo0", "reference_id": "q3noq7m681kvtb29m28x74q8cnwnzzo0", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-13T14:37:34Z/" } ], "url": "https://lists.apache.org/thread/q3noq7m681kvtb29m28x74q8cnwnzzo0" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6508", "reference_id": "RHSA-2023:6508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6933", "reference_id": "RHSA-2023:6933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6933" }, { "reference_url": "https://usn.ubuntu.com/6023-1/", "reference_id": "USN-6023-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6023-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928443?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928442?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.3.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.3.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-38745" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jew4-uq9k-93b3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73109?format=api", "vulnerability_id": "VCID-jmtk-qy9f-z3hu", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10120.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10120.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10120", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65822", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65869", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.659", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65865", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65917", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65928", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65946", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65933", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65903", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65938", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65953", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65941", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65954", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65965", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65963", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.6594", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00499", "scoring_system": "epss", "scoring_elements": "0.65986", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10120" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10119", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10119" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10120" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1569840", "reference_id": "1569840", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1569840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3054", "reference_id": "RHSA-2018:3054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3054" }, { "reference_url": "https://usn.ubuntu.com/3883-1/", "reference_id": "USN-3883-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3883-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928425?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.0.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.0.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-10120" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jmtk-qy9f-z3hu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84465?format=api", "vulnerability_id": "VCID-jst3-88yh-mbh7", "summary": "libreoffice: Heap-buffer-overflow in SVMConverter::ImplConvertFromSVM1", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7856.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7856.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7856", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.82656", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.82843", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.82797", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.82803", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.82823", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.82672", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.82687", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.82683", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.82709", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.82715", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.82733", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.82727", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.82723", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.82761", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.82762", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.82766", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01783", "scoring_system": "epss", "scoring_elements": "0.82788", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7856" }, { "reference_url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=817", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=817" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/LibreOffice/core/commit/28e61b634353110445e334ccaa415d7fb6629d62", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/LibreOffice/core/commit/28e61b634353110445e334ccaa415d7fb6629d62" }, { "reference_url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7856/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7856/" }, { "reference_url": "http://www.securityfocus.com/bid/97667", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/97667" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444054", "reference_id": "1444054", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444054" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7856", "reference_id": "CVE-2017-7856", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7856" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928423?format=api", "purl": "pkg:deb/debian/libreoffice@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7856" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jst3-88yh-mbh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56784?format=api", "vulnerability_id": "VCID-k36c-4eyp-p7hq", "summary": "Multiple vulnerabilities have been found in LibreOffice, the worst\n of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9848.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9848.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9848", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.86449", "scoring_system": "epss", "scoring_elements": "0.99415", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.86558", "scoring_system": "epss", "scoring_elements": "0.9941", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.86558", "scoring_system": "epss", "scoring_elements": "0.9942", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.86558", "scoring_system": "epss", "scoring_elements": "0.99419", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.86558", "scoring_system": "epss", "scoring_elements": "0.99421", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.86558", "scoring_system": "epss", "scoring_elements": "0.99412", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.86558", "scoring_system": "epss", "scoring_elements": "0.99413", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.86558", "scoring_system": "epss", "scoring_elements": "0.99414", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.86558", "scoring_system": "epss", "scoring_elements": "0.99416", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.86558", "scoring_system": "epss", "scoring_elements": "0.99417", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.86558", "scoring_system": "epss", "scoring_elements": "0.99418", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9848" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9848", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9848" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9849", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9849" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737427", "reference_id": "1737427", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737427" }, { "reference_url": "https://security.archlinux.org/ASA-201908-9", "reference_id": "ASA-201908-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201908-9" }, { "reference_url": "https://security.archlinux.org/AVG-1009", "reference_id": "AVG-1009", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1009" }, { "reference_url": "https://security.archlinux.org/AVG-1010", "reference_id": "AVG-1010", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1010" }, { "reference_url": "https://security.gentoo.org/glsa/201908-13", "reference_id": "GLSA-201908-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201908-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1151", "reference_id": "RHSA-2020:1151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1151" }, { "reference_url": "https://usn.ubuntu.com/4063-1/", "reference_id": "USN-4063-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4063-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928428?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.3.0~rc1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.3.0~rc1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9848" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k36c-4eyp-p7hq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56791?format=api", "vulnerability_id": "VCID-k3cz-81fc-sbg7", "summary": "Multiple vulnerabilities have been found in both LibreOffice and\n OpenOffice, the worst of which allows for the remote execution of arbitrary\n code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4324.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4324.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4324", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71209", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71374", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71348", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71352", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71338", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71218", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71236", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71211", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71253", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71267", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.7129", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71275", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71259", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71305", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71311", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71289", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71342", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4324" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4324", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4324" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3608", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3608" }, { "reference_url": "http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2016-4324/" }, { "reference_url": "http://www.securityfocus.com/bid/91499", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/91499" }, { "reference_url": "http://www.securitytracker.com/id/1036209", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1036209" }, { "reference_url": "http://www.talosintelligence.com/reports/TALOS-2016-0126/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.talosintelligence.com/reports/TALOS-2016-0126/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-3022-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-3022-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351197", "reference_id": "1351197", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351197" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4324", "reference_id": "CVE-2016-4324", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-4324" }, { "reference_url": "https://security.gentoo.org/glsa/201611-03", "reference_id": "GLSA-201611-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201611-03" }, { "reference_url": "https://usn.ubuntu.com/3022-1/", "reference_id": "USN-3022-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3022-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928420?format=api", "purl": "pkg:deb/debian/libreoffice@1:5.1.4~rc1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:5.1.4~rc1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-4324" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k3cz-81fc-sbg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61541?format=api", "vulnerability_id": "VCID-k6mn-jky6-wqg2", "summary": "Multiple vulnerabilities have been found in LibreOffice, the worst of which could result in user-assisted code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12425.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12425.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12425", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59141", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.5915", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59129", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59148", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59134", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59092", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61089", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61153", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61173", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.6116", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61141", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61181", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61187", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61095", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61123", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61137", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12425" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12425", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12425" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336110", "reference_id": "2336110", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336110" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/cve-2024-12425", "reference_id": "cve-2024-12425", "reference_type": "", "scores": [ { "value": "2.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-07T14:16:49Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2024-12425" }, { "reference_url": "https://security.gentoo.org/glsa/202506-03", "reference_id": "GLSA-202506-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-03" }, { "reference_url": "https://usn.ubuntu.com/7228-1/", "reference_id": "USN-7228-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7228-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928451?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u12?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u12%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928450?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928452?format=api", "purl": "pkg:deb/debian/libreoffice@4:24.8.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:24.8.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-12425" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k6mn-jky6-wqg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70887?format=api", "vulnerability_id": "VCID-kx13-c2d7-nke3", "summary": "libreoffice: Macro URL arbitrary script execution", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1080.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1080.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1080", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21383", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21268", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.2133", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21437", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21189", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.2134", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30345", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30497", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30414", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30274", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30831", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30803", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30835", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30815", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30779", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30613", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1080" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1080", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1080" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349906", "reference_id": "2349906", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349906" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/cve-2025-1080", "reference_id": "cve-2025-1080", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:L/VA:H/SC:H/SI:H/SA:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T20:34:55Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2025-1080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2868", "reference_id": "RHSA-2025:2868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3169", "reference_id": "RHSA-2025:3169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3265", "reference_id": "RHSA-2025:3265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3267", "reference_id": "RHSA-2025:3267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3269", "reference_id": "RHSA-2025:3269", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3269" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3390", "reference_id": "RHSA-2025:3390", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3390" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3408", "reference_id": "RHSA-2025:3408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3548", "reference_id": "RHSA-2025:3548", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3548" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3549", "reference_id": "RHSA-2025:3549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3550", "reference_id": "RHSA-2025:3550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3550" }, { "reference_url": "https://usn.ubuntu.com/7337-1/", "reference_id": "USN-7337-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7337-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928462?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u13?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928461?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928463?format=api", "purl": "pkg:deb/debian/libreoffice@4:24.8.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:24.8.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-1080" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kx13-c2d7-nke3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74457?format=api", "vulnerability_id": "VCID-ma9t-qst9-xbcm", "summary": "libreoffice: Ability to trust not validated macro signatures removed in high security mode", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6472.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6472.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6472", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22202", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22231", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22225", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22122", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22545", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22588", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22377", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22458", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22513", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22532", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.2249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22435", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22451", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22448", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22397", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22245", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6472" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302866", "reference_id": "2302866", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302866" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2024-6472", "reference_id": "CVE-2024-6472", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-05T14:28:03Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2024-6472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5583", "reference_id": "RHSA-2024:5583", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5583" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5584", "reference_id": "RHSA-2024:5584", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5584" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5598", "reference_id": "RHSA-2024:5598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5599", "reference_id": "RHSA-2024:5599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5601", "reference_id": "RHSA-2024:5601", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5607", "reference_id": "RHSA-2024:5607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5608", "reference_id": "RHSA-2024:5608", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5886", "reference_id": "RHSA-2024:5886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5886" }, { "reference_url": "https://usn.ubuntu.com/6962-1/", "reference_id": "USN-6962-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6962-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928457?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928458?format=api", "purl": "pkg:deb/debian/libreoffice@4:24.2.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:24.2.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-6472" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ma9t-qst9-xbcm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50389?format=api", "vulnerability_id": "VCID-mfqa-v61r-gqcb", "summary": "Multiple vulnerabilities have been found in LibreOffice, the worst\n of which allows for the remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7870.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7870.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7870", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80039", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80205", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80147", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80154", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.8017", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80184", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80047", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80068", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80057", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80085", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80093", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80112", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80096", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80088", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80117", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80118", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80119", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7870" }, { "reference_url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7870", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7870" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/LibreOffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/LibreOffice/core/commit/62a97e6a561ce65e88d4c537a1b82c336f012722" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3837", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-3837" }, { "reference_url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7870/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2017-7870/" }, { "reference_url": "http://www.securityfocus.com/bid/97671", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/97671" }, { "reference_url": "http://www.securitytracker.com/id/1039029", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1039029" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444061", "reference_id": "1444061", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1444061" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:*:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:beta2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7870", "reference_id": "CVE-2017-7870", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7870" }, { "reference_url": "https://security.gentoo.org/glsa/201706-28", "reference_id": "GLSA-201706-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201706-28" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1975", "reference_id": "RHSA-2017:1975", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1975" }, { "reference_url": "https://usn.ubuntu.com/3273-1/", "reference_id": "USN-3273-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3273-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928418?format=api", "purl": "pkg:deb/debian/libreoffice@1:5.2.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:5.2.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7870" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mfqa-v61r-gqcb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79180?format=api", "vulnerability_id": "VCID-n34y-vynb-qbae", "summary": "libreoffice: Weak Master Keys", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26307.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26307.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26307", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52666", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52802", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52751", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52722", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52718", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52745", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.5271", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52761", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52756", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52807", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52791", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52774", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52811", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52819", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26307" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118610", "reference_id": "2118610", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118610" }, { "reference_url": "https://security.archlinux.org/AVG-2783", "reference_id": "AVG-2783", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2783" }, { "reference_url": "https://security.archlinux.org/AVG-2784", "reference_id": "AVG-2784", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0089", "reference_id": "RHSA-2023:0089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0089" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0304", "reference_id": "RHSA-2023:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0304" }, { "reference_url": "https://usn.ubuntu.com/5661-1/", "reference_id": "USN-5661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5661-1/" }, { "reference_url": "https://usn.ubuntu.com/5694-1/", "reference_id": "USN-5694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928436?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928439?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.3.3~rc1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.3.3~rc1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-26307" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n34y-vynb-qbae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/244558?format=api", "vulnerability_id": "VCID-nffq-52a8-3yg9", "summary": "In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25631", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01704", "scoring_system": "epss", "scoring_elements": "0.82417", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01704", "scoring_system": "epss", "scoring_elements": "0.82238", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01704", "scoring_system": "epss", "scoring_elements": "0.82251", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01704", "scoring_system": "epss", "scoring_elements": "0.8227", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01704", "scoring_system": "epss", "scoring_elements": "0.82265", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01704", "scoring_system": "epss", "scoring_elements": "0.82291", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01704", "scoring_system": "epss", "scoring_elements": "0.82298", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01704", "scoring_system": "epss", "scoring_elements": "0.82318", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01704", "scoring_system": "epss", "scoring_elements": "0.82312", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01704", "scoring_system": "epss", "scoring_elements": "0.82306", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01704", "scoring_system": "epss", "scoring_elements": "0.8234", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01704", "scoring_system": "epss", "scoring_elements": "0.82342", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01704", "scoring_system": "epss", "scoring_elements": "0.82363", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01704", "scoring_system": "epss", "scoring_elements": "0.82374", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01704", "scoring_system": "epss", "scoring_elements": "0.82378", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01704", "scoring_system": "epss", "scoring_elements": "0.82395", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25631" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928423?format=api", "purl": "pkg:deb/debian/libreoffice@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-25631" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nffq-52a8-3yg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79726?format=api", "vulnerability_id": "VCID-pc43-5jvh-fbe2", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9852.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9852.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9852", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28954", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.2903", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.2908", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28889", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28957", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.29", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.29003", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28959", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28909", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28933", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28863", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28744", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28633", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28563", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28405", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28462", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9850", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9850" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9851", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9851" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9853", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9853" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744868", "reference_id": "1744868", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1151", "reference_id": "RHSA-2020:1151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1598", "reference_id": "RHSA-2020:1598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1598" }, { "reference_url": "https://usn.ubuntu.com/4102-1/", "reference_id": "USN-4102-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4102-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928429?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.3.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.3.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9852" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pc43-5jvh-fbe2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56785?format=api", "vulnerability_id": "VCID-pkz4-5wxb-5qdc", "summary": "Multiple vulnerabilities have been found in LibreOffice, the worst\n of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9849.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9849.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9849", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03491", "scoring_system": "epss", "scoring_elements": "0.87657", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.03491", "scoring_system": "epss", "scoring_elements": "0.87641", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87732", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87645", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87655", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87668", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87669", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.8769", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87696", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87707", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87701", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87698", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87713", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.8771", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87728", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87733", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9849" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9848", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9848" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9849", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9849" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737421", "reference_id": "1737421", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737421" }, { "reference_url": "https://security.archlinux.org/ASA-201908-9", "reference_id": "ASA-201908-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201908-9" }, { "reference_url": "https://security.archlinux.org/AVG-1009", "reference_id": "AVG-1009", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1009" }, { "reference_url": "https://security.archlinux.org/AVG-1010", "reference_id": "AVG-1010", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1010" }, { "reference_url": "https://security.gentoo.org/glsa/201908-13", "reference_id": "GLSA-201908-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201908-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1151", "reference_id": "RHSA-2020:1151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1598", "reference_id": "RHSA-2020:1598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1598" }, { "reference_url": "https://usn.ubuntu.com/4063-1/", "reference_id": "USN-4063-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4063-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928428?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.3.0~rc1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.3.0~rc1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9849" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pkz4-5wxb-5qdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36602?format=api", "vulnerability_id": "VCID-qk3g-3v3d-pqcb", "summary": "Multiple vulnerabilities have been found in OpenOffice and\n LibreOffice, the worst of which may result in execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1149.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1149.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1149", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78806", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78812", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78841", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78825", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.7885", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78856", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.7888", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78863", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78853", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78882", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78879", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78876", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78905", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78912", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78929", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78945", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01193", "scoring_system": "epss", "scoring_elements": "0.78967", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1149" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1149", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1149" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=821726", "reference_id": "821726", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=821726" }, { "reference_url": "https://security.gentoo.org/glsa/201209-05", "reference_id": "GLSA-201209-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201209-05" }, { "reference_url": "https://security.gentoo.org/glsa/201408-19", "reference_id": "GLSA-201408-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0705", "reference_id": "RHSA-2012:0705", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0705" }, { "reference_url": "https://usn.ubuntu.com/1495-1/", "reference_id": "USN-1495-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1495-1/" }, { "reference_url": "https://usn.ubuntu.com/1496-1/", "reference_id": "USN-1496-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1496-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928406?format=api", "purl": "pkg:deb/debian/libreoffice@1:3.4.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:3.4.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-1149" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qk3g-3v3d-pqcb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74700?format=api", "vulnerability_id": "VCID-qt46-94xf-eyaz", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00059.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00059.html" }, { "reference_url": "http://packetstormsecurity.com/files/152560/LibreOffice-Macro-Code-Execution.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://packetstormsecurity.com/files/152560/LibreOffice-Macro-Code-Execution.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16858.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16858.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16858", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.92343", "scoring_system": "epss", "scoring_elements": "0.99722", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.92343", "scoring_system": "epss", "scoring_elements": "0.99732", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.92343", "scoring_system": "epss", "scoring_elements": "0.99726", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.92343", "scoring_system": "epss", "scoring_elements": "0.99728", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.92343", "scoring_system": "epss", "scoring_elements": "0.99729", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.92343", "scoring_system": "epss", "scoring_elements": "0.9973", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.92343", "scoring_system": "epss", "scoring_elements": "0.99731", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.92343", "scoring_system": "epss", "scoring_elements": "0.99723", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.92343", "scoring_system": "epss", "scoring_elements": "0.99724", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.92343", "scoring_system": "epss", "scoring_elements": "0.99725", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16858" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16858", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16858" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16858", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16858" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://seclists.org/bugtraq/2019/Aug/28", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Aug/28" }, { "reference_url": "https://www.exploit-db.com/exploits/46727/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/46727/" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-16858/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2018-16858/" }, { "reference_url": "http://www.rapid7.com/db/modules/exploit/multi/fileformat/libreoffice_macro_exec", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.rapid7.com/db/modules/exploit/multi/fileformat/libreoffice_macro_exec" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649841", "reference_id": "1649841", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649841" }, { "reference_url": "https://security.archlinux.org/AVG-883", "reference_id": "AVG-883", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-883" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/46727.rb", "reference_id": "CVE-2018-16858", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/46727.rb" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16858", "reference_id": "CVE-2018-16858", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16858" }, { "reference_url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/fileformat/libreoffice_macro_exec.rb", "reference_id": "CVE-2018-16858", "reference_type": "exploit", "scores": [], "url": "https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/fileformat/libreoffice_macro_exec.rb" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2130", "reference_id": "RHSA-2019:2130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2130" }, { "reference_url": "https://usn.ubuntu.com/3883-1/", "reference_id": "USN-3883-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3883-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928427?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.1.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.1.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-16858" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qt46-94xf-eyaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86604?format=api", "vulnerability_id": "VCID-r8k2-18at-6ygp", "summary": "libreoffice: NULL pointer dereference when parsing certain DOCM documents", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4156.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4156.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4156", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79039", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79046", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79072", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79057", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79081", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79089", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79113", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79099", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79117", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79115", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79146", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79153", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79169", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79181", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01221", "scoring_system": "epss", "scoring_elements": "0.79202", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4156" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4156", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4156" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=988832", "reference_id": "988832", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=988832" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928410?format=api", "purl": "pkg:deb/debian/libreoffice@1:4.1.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:4.1.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-4156" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r8k2-18at-6ygp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/71789?format=api", "vulnerability_id": "VCID-r9rr-pmtt-5ycm", "summary": "libreoffice: Executable hyperlink Windows path targets executed unconditionally on activation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0514.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0514.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0514", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14294", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14235", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41632", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41902", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41952", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41925", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41854", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41782", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41703", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41562", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47372", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.4732", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47375", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47396", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00241", "scoring_system": "epss", "scoring_elements": "0.47371", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0514" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347608", "reference_id": "2347608", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2347608" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/cve-2025-0514", "reference_id": "cve-2025-0514", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:L/VA:H/SC:H/SI:H/SA:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T21:28:20Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2025-0514" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928423?format=api", "purl": "pkg:deb/debian/libreoffice@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-0514" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r9rr-pmtt-5ycm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36604?format=api", "vulnerability_id": "VCID-rcfd-vww8-b7hz", "summary": "Multiple vulnerabilities have been found in OpenOffice and\n LibreOffice, the worst of which may result in execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2334.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2334.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2334", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08516", "scoring_system": "epss", "scoring_elements": "0.92341", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08516", "scoring_system": "epss", "scoring_elements": "0.92347", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08516", "scoring_system": "epss", "scoring_elements": "0.92353", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08516", "scoring_system": "epss", "scoring_elements": "0.92357", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08516", "scoring_system": "epss", "scoring_elements": "0.92368", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08516", "scoring_system": "epss", "scoring_elements": "0.92373", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08516", "scoring_system": "epss", "scoring_elements": "0.92378", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.08516", "scoring_system": "epss", "scoring_elements": "0.9238", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08516", "scoring_system": "epss", "scoring_elements": "0.92379", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08516", "scoring_system": "epss", "scoring_elements": "0.9239", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.08516", "scoring_system": "epss", "scoring_elements": "0.92391", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.08516", "scoring_system": "epss", "scoring_elements": "0.92394", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.08516", "scoring_system": "epss", "scoring_elements": "0.92396", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.08516", "scoring_system": "epss", "scoring_elements": "0.92399", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.08516", "scoring_system": "epss", "scoring_elements": "0.9241", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2334" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2334", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2334" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=821803", "reference_id": "821803", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=821803" }, { "reference_url": "https://security.gentoo.org/glsa/201408-19", "reference_id": "GLSA-201408-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-19" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0705", "reference_id": "RHSA-2012:0705", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0705" }, { "reference_url": "https://usn.ubuntu.com/1495-1/", "reference_id": "USN-1495-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1495-1/" }, { "reference_url": "https://usn.ubuntu.com/1496-1/", "reference_id": "USN-1496-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1496-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928407?format=api", "purl": "pkg:deb/debian/libreoffice@1:3.5.2~rc2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:3.5.2~rc2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-2334" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rcfd-vww8-b7hz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80005?format=api", "vulnerability_id": "VCID-re5e-qp85-ybdd", "summary": "libreoffice: Content Manipulation with Double Certificate Attack", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25633.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25633.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25633", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67065", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67102", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67126", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.671", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.6715", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67163", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67182", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67168", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67137", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67171", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67185", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67165", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67186", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67198", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67166", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67207", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25634" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013135", "reference_id": "2013135", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1766", "reference_id": "RHSA-2022:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1766" }, { "reference_url": "https://usn.ubuntu.com/5153-1/", "reference_id": "USN-5153-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5153-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928434?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928433?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.2.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.2.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-25633" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-re5e-qp85-ybdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83360?format=api", "vulnerability_id": "VCID-rg7y-m6nm-m7df", "summary": "libreoffice: Use of realpath() in desktop/unx/source/start.c:get_app_path() allows for potential buffer overflow", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14939.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14939.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14939", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66145", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66187", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66214", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66183", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66231", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66244", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66264", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66251", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.6622", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66255", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.6627", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66278", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66292", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66269", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00506", "scoring_system": "epss", "scoring_elements": "0.66313", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14939" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1614165", "reference_id": "1614165", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1614165" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928423?format=api", "purl": "pkg:deb/debian/libreoffice@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-14939" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rg7y-m6nm-m7df" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83859?format=api", "vulnerability_id": "VCID-rgnx-vba7-c7ay", "summary": "libreoffice: Out-of-bounds write in the WW8Fonts::WW8Fonts functionality", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9806.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9806.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9806", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80043", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80101", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.8005", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80072", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.8006", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80088", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80097", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80116", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01349", "scoring_system": "epss", "scoring_elements": "0.80092", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01822", "scoring_system": "epss", "scoring_elements": "0.82972", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01822", "scoring_system": "epss", "scoring_elements": "0.82992", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01822", "scoring_system": "epss", "scoring_elements": "0.82914", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01822", "scoring_system": "epss", "scoring_elements": "0.82947", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01822", "scoring_system": "epss", "scoring_elements": "0.82951", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01822", "scoring_system": "epss", "scoring_elements": "0.82913", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01822", "scoring_system": "epss", "scoring_elements": "0.82916", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01822", "scoring_system": "epss", "scoring_elements": "0.82937", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9806" }, { "reference_url": "http://www.openoffice.org/security/cves/CVE-2017-9806.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openoffice.org/security/cves/CVE-2017-9806.html" }, { "reference_url": "http://www.securityfocus.com/bid/101585", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/101585" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1507803", "reference_id": "1507803", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1507803" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9806", "reference_id": "CVE-2017-9806", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9806" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928405?format=api", "purl": "pkg:deb/debian/libreoffice@1:3.4.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:3.4.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-9806" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rgnx-vba7-c7ay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79725?format=api", "vulnerability_id": "VCID-sega-433y-v7bb", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9851.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9851.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9851", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99375", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99376", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99377", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99379", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.9938", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99381", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99382", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99384", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99383", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99385", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99386", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99387", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9851" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9850", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9850" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9851", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9851" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9853", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9853" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744866", "reference_id": "1744866", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744866" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/47298.rb", "reference_id": "CVE-2019-9851", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/47298.rb" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1151", "reference_id": "RHSA-2020:1151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1598", "reference_id": "RHSA-2020:1598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1598" }, { "reference_url": "https://usn.ubuntu.com/4102-1/", "reference_id": "USN-4102-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4102-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928429?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.3.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.3.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9851" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sega-433y-v7bb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87352?format=api", "vulnerability_id": "VCID-sm5e-dqg4-r3br", "summary": "filter): Multiple stack buffer overflows when processing certain LWP files (VU#953183)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2685.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2685.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2685", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13894", "scoring_system": "epss", "scoring_elements": "0.94266", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.13894", "scoring_system": "epss", "scoring_elements": "0.94275", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.13894", "scoring_system": "epss", "scoring_elements": "0.94286", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.13894", "scoring_system": "epss", "scoring_elements": "0.94288", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.13894", "scoring_system": "epss", "scoring_elements": "0.94297", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.13894", "scoring_system": "epss", "scoring_elements": "0.94302", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.13894", "scoring_system": "epss", "scoring_elements": "0.94305", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.13894", "scoring_system": "epss", "scoring_elements": "0.94306", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.13894", "scoring_system": "epss", "scoring_elements": "0.94307", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.13894", "scoring_system": "epss", "scoring_elements": "0.94322", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.13894", "scoring_system": "epss", "scoring_elements": "0.94328", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.13894", "scoring_system": "epss", "scoring_elements": "0.94327", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.13894", "scoring_system": "epss", "scoring_elements": "0.94331", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.13894", "scoring_system": "epss", "scoring_elements": "0.9433", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.13894", "scoring_system": "epss", "scoring_elements": "0.94335", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.13894", "scoring_system": "epss", "scoring_elements": "0.94344", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2685" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=720006", "reference_id": "720006", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=720006" }, { "reference_url": "https://usn.ubuntu.com/1496-1/", "reference_id": "USN-1496-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1496-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928401?format=api", "purl": "pkg:deb/debian/libreoffice@1:3.3.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:3.3.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-2685" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sm5e-dqg4-r3br" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73108?format=api", "vulnerability_id": "VCID-sqwy-enu1-1uep", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10119.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10119.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10119", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67704", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67737", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67757", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67788", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67802", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67826", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67812", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67778", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67814", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67827", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67809", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67828", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67838", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67843", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67818", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67861", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10119" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10119", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10119" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10120" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1569836", "reference_id": "1569836", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1569836" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3054", "reference_id": "RHSA-2018:3054", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3054" }, { "reference_url": "https://usn.ubuntu.com/3883-1/", "reference_id": "USN-3883-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3883-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928424?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.0.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.0.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-10119" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sqwy-enu1-1uep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47715?format=api", "vulnerability_id": "VCID-txaq-r51k-k3gn", "summary": "Multiple vulnerabilities have been found in both LibreOffice and\n OpenOffice allowing remote attackers to execute arbitrary code or cause\n Denial of Service.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5212.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5212.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5212", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.49583", "scoring_system": "epss", "scoring_elements": "0.97819", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.49583", "scoring_system": "epss", "scoring_elements": "0.97779", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.49583", "scoring_system": "epss", "scoring_elements": "0.97785", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.49583", "scoring_system": "epss", "scoring_elements": "0.97786", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.49583", "scoring_system": "epss", "scoring_elements": "0.97789", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.49583", "scoring_system": "epss", "scoring_elements": "0.97793", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.49583", "scoring_system": "epss", "scoring_elements": "0.97796", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.49583", "scoring_system": "epss", "scoring_elements": "0.97798", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.49583", "scoring_system": "epss", "scoring_elements": "0.978", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.49583", "scoring_system": "epss", "scoring_elements": "0.97802", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.49583", "scoring_system": "epss", "scoring_elements": "0.97808", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.49583", "scoring_system": "epss", "scoring_elements": "0.9781", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.49583", "scoring_system": "epss", "scoring_elements": "0.97809", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.49583", "scoring_system": "epss", "scoring_elements": "0.97815", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.49583", "scoring_system": "epss", "scoring_elements": "0.9782", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5212" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5212", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5212" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5213", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5213" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5214", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5214" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3394", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3394" }, { "reference_url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5212/" }, { "reference_url": "http://www.openoffice.org/security/cves/CVE-2015-5212.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openoffice.org/security/cves/CVE-2015-5212.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/77486", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/77486" }, { "reference_url": "http://www.securitytracker.com/id/1034085", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034085" }, { "reference_url": "http://www.securitytracker.com/id/1034091", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034091" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2793-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1278820", "reference_id": "1278820", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1278820" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5212", "reference_id": "CVE-2015-5212", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5212" }, { "reference_url": "https://security.gentoo.org/glsa/201603-05", "reference_id": "GLSA-201603-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-05" }, { "reference_url": "https://security.gentoo.org/glsa/201611-03", "reference_id": "GLSA-201611-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201611-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2619", "reference_id": "RHSA-2015:2619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2619" }, { "reference_url": "https://usn.ubuntu.com/2793-1/", "reference_id": "USN-2793-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2793-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928415?format=api", "purl": "pkg:deb/debian/libreoffice@1:5.0.1~rc1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:5.0.1~rc1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-5212" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-txaq-r51k-k3gn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49796?format=api", "vulnerability_id": "VCID-u1ry-xuyn-77fm", "summary": "Multiple vulnerabilities have been discovered in LibreOffice, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0950.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0950.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0950", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19746", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19356", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19608", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19549", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19513", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19522", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19534", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19427", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19416", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19377", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19268", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19796", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.1952", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.196", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19652", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19657", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2255", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2255" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210186", "reference_id": "2210186", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210186" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2023-0950", "reference_id": "CVE-2023-0950", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:28:15Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2023-0950" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5415", "reference_id": "dsa-5415", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:28:15Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5415" }, { "reference_url": "https://security.gentoo.org/glsa/202311-15", "reference_id": "GLSA-202311-15", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:28:15Z/" } ], "url": "https://security.gentoo.org/glsa/202311-15" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00014.html", "reference_id": "msg00014.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:28:15Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00014.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6508", "reference_id": "RHSA-2023:6508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6933", "reference_id": "RHSA-2023:6933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6933" }, { "reference_url": "https://usn.ubuntu.com/6144-1/", "reference_id": "USN-6144-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6144-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928445?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928444?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.5-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.5-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-0950" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u1ry-xuyn-77fm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47719?format=api", "vulnerability_id": "VCID-u2z4-zcay-uufy", "summary": "Multiple vulnerabilities have been found in both LibreOffice and\n OpenOffice allowing remote attackers to execute arbitrary code or cause\n Denial of Service.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5214.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5214.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5214", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.35608", "scoring_system": "epss", "scoring_elements": "0.97092", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.35608", "scoring_system": "epss", "scoring_elements": "0.97037", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.35608", "scoring_system": "epss", "scoring_elements": "0.97044", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.35608", "scoring_system": "epss", "scoring_elements": "0.97048", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.35608", "scoring_system": "epss", "scoring_elements": "0.97049", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.35608", "scoring_system": "epss", "scoring_elements": "0.97059", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.35608", "scoring_system": "epss", "scoring_elements": "0.9706", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.35608", "scoring_system": "epss", "scoring_elements": "0.97063", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.35608", "scoring_system": "epss", "scoring_elements": "0.97064", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.35608", "scoring_system": "epss", "scoring_elements": "0.97074", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.35608", "scoring_system": "epss", "scoring_elements": "0.97078", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.35608", "scoring_system": "epss", "scoring_elements": "0.97082", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.35608", "scoring_system": "epss", "scoring_elements": "0.97083", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.35608", "scoring_system": "epss", "scoring_elements": "0.97085", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.35608", "scoring_system": "epss", "scoring_elements": "0.97086", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.35608", "scoring_system": "epss", "scoring_elements": "0.97089", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5214" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5212", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5212" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5213", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5213" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5214", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5214" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3394", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3394" }, { "reference_url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5214/" }, { "reference_url": "http://www.openoffice.org/security/cves/CVE-2015-5214.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openoffice.org/security/cves/CVE-2015-5214.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/77486", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/77486" }, { "reference_url": "http://www.securitytracker.com/id/1034086", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034086" }, { "reference_url": "http://www.securitytracker.com/id/1034091", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034091" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2793-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1278827", "reference_id": "1278827", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1278827" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5214", "reference_id": "CVE-2015-5214", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5214" }, { "reference_url": "https://security.gentoo.org/glsa/201603-05", "reference_id": "GLSA-201603-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-05" }, { "reference_url": "https://security.gentoo.org/glsa/201611-03", "reference_id": "GLSA-201611-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201611-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2619", "reference_id": "RHSA-2015:2619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2619" }, { "reference_url": "https://usn.ubuntu.com/2793-1/", "reference_id": "USN-2793-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2793-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928416?format=api", "purl": "pkg:deb/debian/libreoffice@1:5.0.1~rc2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:5.0.1~rc2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-5214" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u2z4-zcay-uufy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73926?format=api", "vulnerability_id": "VCID-u6wr-a1wv-byax", "summary": "libreoffice: improper digital signature invalidation vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7788.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7788.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7788", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.18967", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1905", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19005", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.18885", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19387", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19439", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19155", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19234", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19287", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19292", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19245", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19191", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1915", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1916", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19169", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1906", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7788" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7788", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7788" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312865", "reference_id": "2312865", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312865" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2024-7788", "reference_id": "CVE-2024-7788", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-17T15:52:01Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2024-7788" }, { "reference_url": "https://usn.ubuntu.com/7025-1/", "reference_id": "USN-7025-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7025-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928460?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u11?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u11%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928459?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928458?format=api", "purl": "pkg:deb/debian/libreoffice@4:24.2.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:24.2.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-7788" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u6wr-a1wv-byax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48034?format=api", "vulnerability_id": "VCID-us6f-vsb9-83ck", "summary": "A vulnerability in LibreOffice might allow remote attackers to read\n arbitrary files.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6871.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6871.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-6871", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.30055", "scoring_system": "epss", "scoring_elements": "0.96688", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.30055", "scoring_system": "epss", "scoring_elements": "0.96675", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.30055", "scoring_system": "epss", "scoring_elements": "0.96673", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.30055", "scoring_system": "epss", "scoring_elements": "0.96676", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.30055", "scoring_system": "epss", "scoring_elements": "0.96685", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.30055", "scoring_system": "epss", "scoring_elements": "0.96645", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.30055", "scoring_system": "epss", "scoring_elements": "0.96652", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.30055", "scoring_system": "epss", "scoring_elements": "0.96654", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.30055", "scoring_system": "epss", "scoring_elements": "0.96656", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.30055", "scoring_system": "epss", "scoring_elements": "0.96657", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.30055", "scoring_system": "epss", "scoring_elements": "0.96659", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.30055", "scoring_system": "epss", "scoring_elements": "0.96666", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.30055", "scoring_system": "epss", "scoring_elements": "0.9667", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.4268", "scoring_system": "epss", "scoring_elements": "0.97454", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.4268", "scoring_system": "epss", "scoring_elements": "0.97458", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.4268", "scoring_system": "epss", "scoring_elements": "0.97447", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-6871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6871" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1543120", "reference_id": "1543120", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1543120" }, { "reference_url": "https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure/tree/7eb75ff6662e50783824df97c34f6c7f58e71ce5", "reference_id": "CVE-2018-6871", "reference_type": "exploit", "scores": [], "url": "https://github.com/jollheef/libreoffice-remote-arbitrary-file-disclosure/tree/7eb75ff6662e50783824df97c34f6c7f58e71ce5" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/44022.md", "reference_id": "CVE-2018-6871", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/44022.md" }, { "reference_url": "https://security.gentoo.org/glsa/201802-06", "reference_id": "GLSA-201802-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201802-06" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0418", "reference_id": "RHSA-2018:0418", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0418" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0517", "reference_id": "RHSA-2018:0517", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0517" }, { "reference_url": "https://usn.ubuntu.com/3579-1/", "reference_id": "USN-3579-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3579-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928424?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.0.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.0.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-6871" ], "risk_score": 8.4, "exploitability": "2.0", "weighted_severity": "4.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-us6f-vsb9-83ck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61542?format=api", "vulnerability_id": "VCID-w6ze-2zem-p3ev", "summary": "Multiple vulnerabilities have been found in LibreOffice, the worst of which could result in user-assisted code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12426.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12426.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12426", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.64933", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.6488", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.64897", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.6491", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.64906", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.64886", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66701", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.6672", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66708", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66678", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66712", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66725", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66637", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66663", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66686", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12426" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336117", "reference_id": "2336117", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336117" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/cve-2024-12426", "reference_id": "cve-2024-12426", "reference_type": "", "scores": [ { "value": "6.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-07T14:38:29Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2024-12426" }, { "reference_url": "https://security.gentoo.org/glsa/202506-03", "reference_id": "GLSA-202506-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-03" }, { "reference_url": "https://usn.ubuntu.com/7228-1/", "reference_id": "USN-7228-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7228-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928451?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u12?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u12%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928450?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928452?format=api", "purl": "pkg:deb/debian/libreoffice@4:24.8.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:24.8.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-12426" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w6ze-2zem-p3ev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62577?format=api", "vulnerability_id": "VCID-xe1u-3snm-bka7", "summary": "security update", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178036.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178036.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00110.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00110.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00050.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2579.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2579.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0795.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0795.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0795", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.6794", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.67897", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.67787", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.67821", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.67841", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.67871", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.67885", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.67908", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.67895", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.67859", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.67889", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.67918", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00547", "scoring_system": "epss", "scoring_elements": "0.67923", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/cve-2016-0795/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2016-0795/" }, { "reference_url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1223" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3482", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3482" }, { "reference_url": "http://www.securitytracker.com/id/1035022", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035022" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2899-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2899-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1306609", "reference_id": "1306609", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1306609" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0795", "reference_id": "CVE-2016-0795", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0795" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2579", "reference_id": "RHSA-2016:2579", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2579" }, { "reference_url": "https://usn.ubuntu.com/2899-1/", "reference_id": "USN-2899-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2899-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928417?format=api", "purl": "pkg:deb/debian/libreoffice@1:5.0.5~rc1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:5.0.5~rc1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-0795" ], "risk_score": 4.2, "exploitability": "0.5", "weighted_severity": "8.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xe1u-3snm-bka7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70164?format=api", "vulnerability_id": "VCID-xkby-5yru-97gd", "summary": "LibreOffice: PDF signature forgery with adbe.pkcs7.sha1 SubFilter", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2866.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2866.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2866", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25835", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25485", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.2558", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25531", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25418", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25878", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25648", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25719", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25767", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25778", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25737", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25679", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25681", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25665", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25641", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25589", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2866" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2866", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2866" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362574", "reference_id": "2362574", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362574" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/cve-2025-2866", "reference_id": "cve-2025-2866", "reference_type": "", "scores": [ { "value": "2.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T13:41:33Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2025-2866" }, { "reference_url": "https://usn.ubuntu.com/7504-1/", "reference_id": "USN-7504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7504-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928462?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u13?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u13%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928464?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u8?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u8%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928465?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-2866" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xkby-5yru-97gd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94761?format=api", "vulnerability_id": "VCID-xr5b-gdek-kqgy", "summary": "Apache OpenOffice opens dBase/DBF documents and shows the contents as spreadsheets. DBF are database files with data organized in fields. When reading DBF data the size of certain fields is not checked: the data is just copied into local variables. A carefully crafted document could overflow the allocated space, leading to the execution of arbitrary code by altering the contents of the program stack. This issue affects Apache OpenOffice up to and including version 4.1.10", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-33035", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06007", "scoring_system": "epss", "scoring_elements": "0.90739", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.06007", "scoring_system": "epss", "scoring_elements": "0.90758", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.06238", "scoring_system": "epss", "scoring_elements": "0.90859", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06238", "scoring_system": "epss", "scoring_elements": "0.9087", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06238", "scoring_system": "epss", "scoring_elements": "0.90881", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06238", "scoring_system": "epss", "scoring_elements": "0.90888", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06238", "scoring_system": "epss", "scoring_elements": "0.90897", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06238", "scoring_system": "epss", "scoring_elements": "0.90843", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06238", "scoring_system": "epss", "scoring_elements": "0.9092", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06238", "scoring_system": "epss", "scoring_elements": "0.90918", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06238", "scoring_system": "epss", "scoring_elements": "0.90932", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.06238", "scoring_system": "epss", "scoring_elements": "0.9093", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.06238", "scoring_system": "epss", "scoring_elements": "0.90928", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.06238", "scoring_system": "epss", "scoring_elements": "0.90896", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06238", "scoring_system": "epss", "scoring_elements": "0.90849", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-33035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33035" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928437?format=api", "purl": "pkg:deb/debian/libreoffice@1:4.3.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:4.3.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-33035" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xr5b-gdek-kqgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81205?format=api", "vulnerability_id": "VCID-y2ja-v9xa-k7af", "summary": "libreoffice: forms allowed to be submitted to any URI could result in local file overwrite", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12803.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12803.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12803", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.63957", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64113", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64105", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64102", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64015", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64043", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64003", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64054", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64071", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64083", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64069", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64039", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64074", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64085", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64072", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64092", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12803" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848346", "reference_id": "1848346", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848346" }, { "reference_url": "https://security.archlinux.org/AVG-1184", "reference_id": "AVG-1184", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4628", "reference_id": "RHSA-2020:4628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4628" }, { "reference_url": "https://usn.ubuntu.com/5694-1/", "reference_id": "USN-5694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928432?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.4.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.4.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-12803" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y2ja-v9xa-k7af" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/62576?format=api", "vulnerability_id": "VCID-yfrn-ay4p-t7cp", "summary": "security update", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178036.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178036.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00110.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00110.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00050.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-07/msg00050.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2579.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2579.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0794.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0794.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0794", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00494", "scoring_system": "epss", "scoring_elements": "0.65812", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00494", "scoring_system": "epss", "scoring_elements": "0.65788", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00494", "scoring_system": "epss", "scoring_elements": "0.65763", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00494", "scoring_system": "epss", "scoring_elements": "0.65646", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00494", "scoring_system": "epss", "scoring_elements": "0.65695", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00494", "scoring_system": "epss", "scoring_elements": "0.65725", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00494", "scoring_system": "epss", "scoring_elements": "0.6569", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00494", "scoring_system": "epss", "scoring_elements": "0.65742", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00494", "scoring_system": "epss", "scoring_elements": "0.65753", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00494", "scoring_system": "epss", "scoring_elements": "0.65775", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00494", "scoring_system": "epss", "scoring_elements": "0.6576", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00494", "scoring_system": "epss", "scoring_elements": "0.65731", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00494", "scoring_system": "epss", "scoring_elements": "0.65765", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00494", "scoring_system": "epss", "scoring_elements": "0.65779", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00494", "scoring_system": "epss", "scoring_elements": "0.65778", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00494", "scoring_system": "epss", "scoring_elements": "0.65789", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0794" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0795" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:M/Au:N/C:P/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/cve-2016-0794/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2016-0794/" }, { "reference_url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1220" }, { "reference_url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1221", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1221" }, { "reference_url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1222" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3482", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3482" }, { "reference_url": "http://www.securitytracker.com/id/1035022", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1035022" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2899-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2899-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1306609", "reference_id": "1306609", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1306609" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0794", "reference_id": "CVE-2016-0794", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-0794" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2579", "reference_id": "RHSA-2016:2579", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2579" }, { "reference_url": "https://usn.ubuntu.com/2899-1/", "reference_id": "USN-2899-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2899-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928417?format=api", "purl": "pkg:deb/debian/libreoffice@1:5.0.5~rc1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:5.0.5~rc1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-0794" ], "risk_score": 4.2, "exploitability": "0.5", "weighted_severity": "8.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yfrn-ay4p-t7cp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47717?format=api", "vulnerability_id": "VCID-yg74-q3xa-tkcx", "summary": "Multiple vulnerabilities have been found in both LibreOffice and\n OpenOffice allowing remote attackers to execute arbitrary code or cause\n Denial of Service.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2015-2619.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5213.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5213.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5213", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.2277", "scoring_system": "epss", "scoring_elements": "0.9591", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.2277", "scoring_system": "epss", "scoring_elements": "0.95838", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.2277", "scoring_system": "epss", "scoring_elements": "0.95846", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.2277", "scoring_system": "epss", "scoring_elements": "0.95855", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.2277", "scoring_system": "epss", "scoring_elements": "0.95858", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.2277", "scoring_system": "epss", "scoring_elements": "0.95867", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.2277", "scoring_system": "epss", "scoring_elements": "0.9587", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.2277", "scoring_system": "epss", "scoring_elements": "0.95873", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.2277", "scoring_system": "epss", "scoring_elements": "0.95874", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.2277", "scoring_system": "epss", "scoring_elements": "0.95886", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.2277", "scoring_system": "epss", "scoring_elements": "0.95891", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.2277", "scoring_system": "epss", "scoring_elements": "0.95893", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.2277", "scoring_system": "epss", "scoring_elements": "0.95895", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.2277", "scoring_system": "epss", "scoring_elements": "0.95894", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.2277", "scoring_system": "epss", "scoring_elements": "0.95908", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5213" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5212", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5212" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5213", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5213" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5214", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5214" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3394", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2015/dsa-3394" }, { "reference_url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.libreoffice.org/about-us/security/advisories/cve-2015-5213/" }, { "reference_url": "http://www.openoffice.org/security/cves/CVE-2015-5213.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openoffice.org/security/cves/CVE-2015-5213.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "reference_url": "http://www.securityfocus.com/bid/77486", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/77486" }, { "reference_url": "http://www.securitytracker.com/id/1034085", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034085" }, { "reference_url": "http://www.securitytracker.com/id/1034091", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1034091" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2793-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2793-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1278824", "reference_id": "1278824", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1278824" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5213", "reference_id": "CVE-2015-5213", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5213" }, { "reference_url": "https://security.gentoo.org/glsa/201603-05", "reference_id": "GLSA-201603-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201603-05" }, { "reference_url": "https://security.gentoo.org/glsa/201611-03", "reference_id": "GLSA-201611-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201611-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2619", "reference_id": "RHSA-2015:2619", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2619" }, { "reference_url": "https://usn.ubuntu.com/2793-1/", "reference_id": "USN-2793-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2793-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928415?format=api", "purl": "pkg:deb/debian/libreoffice@1:5.0.1~rc1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:5.0.1~rc1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-5213" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yg74-q3xa-tkcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/36600?format=api", "vulnerability_id": "VCID-yzgn-avaw-akcn", "summary": "Multiple vulnerabilities have been found in OpenOffice and\n LibreOffice, the worst of which may result in execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2713.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2713.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2713", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81308", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81317", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81339", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81337", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81366", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81371", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81393", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81379", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81409", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81431", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81439", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81444", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.81461", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01541", "scoring_system": "epss", "scoring_elements": "0.8148", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2713" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=725668", "reference_id": "725668", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725668" }, { "reference_url": "https://security.gentoo.org/glsa/201209-05", "reference_id": "GLSA-201209-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201209-05" }, { "reference_url": "https://security.gentoo.org/glsa/201408-19", "reference_id": "GLSA-201408-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-19" }, { "reference_url": "https://usn.ubuntu.com/1496-1/", "reference_id": "USN-1496-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1496-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928405?format=api", "purl": "pkg:deb/debian/libreoffice@1:3.4.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:3.4.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-2713" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yzgn-avaw-akcn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/210848?format=api", "vulnerability_id": "VCID-z8wr-nnv1-euhx", "summary": "A vulnerability in LibreOffice hyperlink processing allows an attacker to construct documents containing hyperlinks pointing to the location of an executable on the target users file system. If the hyperlink is activated by the victim the executable target is unconditionally launched. Under Windows and macOS when processing a hyperlink target explicitly activated by the user there was no judgment made on whether the target was an executable file, so such executable targets were launched unconditionally. This issue affects: All LibreOffice Windows and macOS versions prior to 6.1.6; LibreOffice Windows and macOS versions in the 6.2 series prior to 6.2.3.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9847", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46753", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46793", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46812", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46761", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46816", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46839", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.4681", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46818", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46873", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.4687", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46801", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46763", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46669", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46733", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9847" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928423?format=api", "purl": "pkg:deb/debian/libreoffice@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9847" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z8wr-nnv1-euhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49797?format=api", "vulnerability_id": "VCID-zh9v-egc2-ufc5", "summary": "Multiple vulnerabilities have been discovered in LibreOffice, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2255.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2255.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2255", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.42502", "scoring_system": "epss", "scoring_elements": "0.97481", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.42502", "scoring_system": "epss", "scoring_elements": "0.97472", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.42502", "scoring_system": "epss", "scoring_elements": "0.97471", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.42502", "scoring_system": "epss", "scoring_elements": "0.97474", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.42502", "scoring_system": "epss", "scoring_elements": "0.97478", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.49062", "scoring_system": "epss", "scoring_elements": "0.97781", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.49062", "scoring_system": "epss", "scoring_elements": "0.97783", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.49062", "scoring_system": "epss", "scoring_elements": "0.97773", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.49062", "scoring_system": "epss", "scoring_elements": "0.97775", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.50818", "scoring_system": "epss", "scoring_elements": "0.97853", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.50818", "scoring_system": "epss", "scoring_elements": "0.97858", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.50818", "scoring_system": "epss", "scoring_elements": "0.97856", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.50818", "scoring_system": "epss", "scoring_elements": "0.97845", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.50818", "scoring_system": "epss", "scoring_elements": "0.97846", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.50818", "scoring_system": "epss", "scoring_elements": "0.97849", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2255" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2255", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2255" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210185", "reference_id": "2210185", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210185" }, { "reference_url": "https://security.gentoo.org/glsa/202311-15", "reference_id": "GLSA-202311-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202311-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6508", "reference_id": "RHSA-2023:6508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6933", "reference_id": "RHSA-2023:6933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6933" }, { "reference_url": "https://usn.ubuntu.com/6144-1/", "reference_id": "USN-6144-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6144-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928445?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928402?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928444?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.5-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.5-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928400?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928404?format=api", "purl": "pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928403?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088698?format=api", "purl": "pkg:deb/debian/libreoffice@4:26.2.3.2-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-2255" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zh9v-egc2-ufc5" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.3.2-2%3Fdistro=trixie" }