Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/libreoffice@4:24.2.4-1?distro=trixie
Typedeb
Namespacedebian
Namelibreoffice
Version4:24.2.4-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version4:24.2.5-1
Latest_non_vulnerable_version4:26.2.2.2-3
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-4kzn-nb3d-e3c8
vulnerability_id VCID-4kzn-nb3d-e3c8
summary 
Improper Certificate Validation vulnerability in LibreOffice "LibreOfficeKit" mode disables TLS certification verification

LibreOfficeKit can be used for accessing LibreOffice functionality 
through C/C++. Typically this is used by third party components to reuse
 LibreOffice as a library to convert, view or otherwise interact with 
documents.

LibreOffice internally makes use of "curl" to fetch remote resources such as images hosted on webservers.

In
 affected versions of LibreOffice, when used in LibreOfficeKit mode 
only, then curl's TLS certification verification was disabled 
(CURLOPT_SSL_VERIFYPEER of false)

In the fixed versions curl operates in LibreOfficeKit mode the same as in standard mode with CURLOPT_SSL_VERIFYPEER of true.

This issue affects LibreOffice before version 24.2.4.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-5261
reference_id
reference_type
scores
0
value 0.00532
scoring_system epss
scoring_elements 0.67335
published_at 2026-04-21T12:55:00Z
1
value 0.00532
scoring_system epss
scoring_elements 0.67345
published_at 2026-04-16T12:55:00Z
2
value 0.00532
scoring_system epss
scoring_elements 0.6731
published_at 2026-04-13T12:55:00Z
3
value 0.00532
scoring_system epss
scoring_elements 0.67357
published_at 2026-04-18T12:55:00Z
4
value 0.00532
scoring_system epss
scoring_elements 0.67272
published_at 2026-04-02T12:55:00Z
5
value 0.00532
scoring_system epss
scoring_elements 0.67295
published_at 2026-04-04T12:55:00Z
6
value 0.00532
scoring_system epss
scoring_elements 0.67273
published_at 2026-04-07T12:55:00Z
7
value 0.00532
scoring_system epss
scoring_elements 0.67324
published_at 2026-04-08T12:55:00Z
8
value 0.00532
scoring_system epss
scoring_elements 0.67337
published_at 2026-04-09T12:55:00Z
9
value 0.00532
scoring_system epss
scoring_elements 0.67358
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-5261
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://www.libreoffice.org/about-us/security/advisories/cve-2024-5261
reference_id cve-2024-5261
reference_type
scores
0
value 10
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-25T13:27:12Z/
url https://www.libreoffice.org/about-us/security/advisories/cve-2024-5261
3
reference_url https://usn.ubuntu.com/6877-1/
reference_id USN-6877-1
reference_type
scores
url https://usn.ubuntu.com/6877-1/
fixed_packages
0
url pkg:deb/debian/libreoffice@0?distro=trixie
purl pkg:deb/debian/libreoffice@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@0%3Fdistro=trixie
1
url pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie
purl pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10%3Fdistro=trixie
2
url pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie
purl pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10%3Fdistro=trixie
3
url pkg:deb/debian/libreoffice@4:24.2.4-1?distro=trixie
purl pkg:deb/debian/libreoffice@4:24.2.4-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:24.2.4-1%3Fdistro=trixie
4
url pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie
purl pkg:deb/debian/libreoffice@4:25.2.3-2%2Bdeb13u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:25.2.3-2%252Bdeb13u3%3Fdistro=trixie
5
url pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie
purl pkg:deb/debian/libreoffice@4:26.2.2.2-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:26.2.2.2-3%3Fdistro=trixie
aliases CVE-2024-5261
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4kzn-nb3d-e3c8
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:24.2.4-1%3Fdistro=trixie