Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1049241?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "type": "deb", "namespace": "debian", "name": "libreoffice", "version": "1:7.0.4-4+deb11u10", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "4:7.4.7-1+deb12u10", "latest_non_vulnerable_version": "4:7.4.7-1+deb12u10", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61541?format=api", "vulnerability_id": "VCID-k6mn-jky6-wqg2", "summary": "Multiple vulnerabilities have been found in LibreOffice, the worst of which could result in user-assisted code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12425.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12425.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12425", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59134", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.5915", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59129", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59148", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61095", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61089", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61137", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61153", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61173", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.6116", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61141", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61181", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61187", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00407", "scoring_system": "epss", "scoring_elements": "0.61123", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12425" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12425", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12425" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336110", "reference_id": "2336110", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336110" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/cve-2024-12425", "reference_id": "cve-2024-12425", "reference_type": "", "scores": [ { "value": "2.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-07T14:16:49Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2024-12425" }, { "reference_url": "https://security.gentoo.org/glsa/202506-03", "reference_id": "GLSA-202506-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-03" }, { "reference_url": "https://usn.ubuntu.com/7228-1/", "reference_id": "USN-7228-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7228-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052323?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10" } ], "aliases": [ "CVE-2024-12425" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k6mn-jky6-wqg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70887?format=api", "vulnerability_id": "VCID-kx13-c2d7-nke3", "summary": "libreoffice: Macro URL arbitrary script execution", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1080.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-1080.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1080", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21383", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.2134", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21437", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21189", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21268", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.2133", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30613", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30414", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30815", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30779", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30497", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30831", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30803", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30835", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1080" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1080", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1080" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349906", "reference_id": "2349906", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2349906" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/cve-2025-1080", "reference_id": "cve-2025-1080", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:L/VA:H/SC:H/SI:H/SA:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-04T20:34:55Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2025-1080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2868", "reference_id": "RHSA-2025:2868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:2868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3169", "reference_id": "RHSA-2025:3169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3265", "reference_id": "RHSA-2025:3265", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3265" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3267", "reference_id": "RHSA-2025:3267", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3269", "reference_id": "RHSA-2025:3269", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3269" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3390", "reference_id": "RHSA-2025:3390", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3390" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3408", "reference_id": "RHSA-2025:3408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3548", "reference_id": "RHSA-2025:3548", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3548" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3549", "reference_id": "RHSA-2025:3549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3550", "reference_id": "RHSA-2025:3550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:3550" }, { "reference_url": "https://usn.ubuntu.com/7337-1/", "reference_id": "USN-7337-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7337-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052323?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10" } ], "aliases": [ "CVE-2025-1080" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kx13-c2d7-nke3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/73926?format=api", "vulnerability_id": "VCID-u6wr-a1wv-byax", "summary": "libreoffice: improper digital signature invalidation vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7788.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7788.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7788", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19005", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19169", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1906", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1905", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19387", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19439", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19155", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19234", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19287", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19292", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19245", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19191", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1915", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1916", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7788" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7788", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7788" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312865", "reference_id": "2312865", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312865" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2024-7788", "reference_id": "CVE-2024-7788", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-17T15:52:01Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2024-7788" }, { "reference_url": "https://usn.ubuntu.com/7025-1/", "reference_id": "USN-7025-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7025-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052323?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10" } ], "aliases": [ "CVE-2024-7788" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u6wr-a1wv-byax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61542?format=api", "vulnerability_id": "VCID-w6ze-2zem-p3ev", "summary": "Multiple vulnerabilities have been found in LibreOffice, the worst of which could result in user-assisted code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12426.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-12426.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12426", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.64906", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.6488", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.64897", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.6491", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66637", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66686", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66701", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.6672", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66708", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66678", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66712", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66725", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66663", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12426" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336117", "reference_id": "2336117", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2336117" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/cve-2024-12426", "reference_id": "cve-2024-12426", "reference_type": "", "scores": [ { "value": "6.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-07T14:38:29Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2024-12426" }, { "reference_url": "https://security.gentoo.org/glsa/202506-03", "reference_id": "GLSA-202506-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-03" }, { "reference_url": "https://usn.ubuntu.com/7228-1/", "reference_id": "USN-7228-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7228-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052323?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10" } ], "aliases": [ "CVE-2024-12426" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w6ze-2zem-p3ev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70164?format=api", "vulnerability_id": "VCID-xkby-5yru-97gd", "summary": "LibreOffice: PDF signature forgery with adbe.pkcs7.sha1 SubFilter", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2866.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-2866.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2866", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25835", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25531", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25641", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25589", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.2558", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25878", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25648", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25719", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25767", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25778", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25737", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25679", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25681", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25665", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2866" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2866", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2866" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362574", "reference_id": "2362574", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362574" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/cve-2025-2866", "reference_id": "cve-2025-2866", "reference_type": "", "scores": [ { "value": "2.4", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T13:41:33Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2025-2866" }, { "reference_url": "https://usn.ubuntu.com/7504-1/", "reference_id": "USN-7504-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7504-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1052323?format=api", "purl": "pkg:deb/debian/libreoffice@4:7.4.7-1%2Bdeb12u10", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@4:7.4.7-1%252Bdeb12u10" } ], "aliases": [ "CVE-2025-2866" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xkby-5yru-97gd" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79183?format=api", "vulnerability_id": "VCID-11vv-gd2v-2qhk", "summary": "libreoffice: Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26306.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26306.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26306", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58456", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.5849", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58457", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.5847", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58446", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58465", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58439", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58492", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58498", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58515", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58495", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58476", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58507", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00364", "scoring_system": "epss", "scoring_elements": "0.58512", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26306" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118613", "reference_id": "2118613", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118613" }, { "reference_url": "https://security.archlinux.org/AVG-2783", "reference_id": "AVG-2783", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2783" }, { "reference_url": "https://security.archlinux.org/AVG-2784", "reference_id": "AVG-2784", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0089", "reference_id": "RHSA-2023:0089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0089" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0304", "reference_id": "RHSA-2023:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0304" }, { "reference_url": "https://usn.ubuntu.com/5661-1/", "reference_id": "USN-5661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5661-1/" }, { "reference_url": "https://usn.ubuntu.com/5694-1/", "reference_id": "USN-5694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2022-26306" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-11vv-gd2v-2qhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60132?format=api", "vulnerability_id": "VCID-1981-p3m3-sfhe", "summary": "Multiple vulnerabilities have been found in LibreOffice, the worst of which could result in user-assisted code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6185.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6185.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6185", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.78978", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79096", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.7902", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79044", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79028", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79018", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79046", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79043", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79041", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79075", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79081", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79004", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.78989", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01215", "scoring_system": "epss", "scoring_elements": "0.79013", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6186", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6186" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254003", "reference_id": "2254003", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254003" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/cve-2023-6185", "reference_id": "cve-2023-6185", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-12-20T16:47:31Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/cve-2023-6185" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5574", "reference_id": "dsa-5574", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-12-20T16:47:31Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5574" }, { "reference_url": "https://security.gentoo.org/glsa/202402-29", "reference_id": "GLSA-202402-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-29" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html", "reference_id": "msg00026.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-12-20T16:47:31Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/", "reference_id": "QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2023-12-20T16:47:31Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1423", "reference_id": "RHSA-2024:1423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1425", "reference_id": "RHSA-2024:1425", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1425" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1427", "reference_id": "RHSA-2024:1427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1473", "reference_id": "RHSA-2024:1473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1480", "reference_id": "RHSA-2024:1480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1512", "reference_id": "RHSA-2024:1512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1513", "reference_id": "RHSA-2024:1513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1514", "reference_id": "RHSA-2024:1514", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1514" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3304", "reference_id": "RHSA-2024:3304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3835", "reference_id": "RHSA-2024:3835", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3835" }, { "reference_url": "https://usn.ubuntu.com/6546-1/", "reference_id": "USN-6546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6546-1/" }, { "reference_url": "https://usn.ubuntu.com/6546-2/", "reference_id": "USN-6546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2023-6185" ], "risk_score": 3.8, "exploitability": "0.5", "weighted_severity": "7.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1981-p3m3-sfhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81242?format=api", "vulnerability_id": "VCID-1vte-fcdx-nfcd", "summary": "libreoffice: crash recovered MSOffice encrypted documents defaulted to not to using encryption on next save", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12801.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12801.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12801", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40235", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.39872", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40087", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.4014", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.39967", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.39952", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40259", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40182", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40234", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40245", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40256", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40218", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40199", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40247", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40217", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12801" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137844", "reference_id": "2137844", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137844" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12801", "reference_id": "CVE-2020-12801", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T15:37:49Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2020-12801" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00011.html", "reference_id": "msg00011.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T15:37:49Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00011.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html", "reference_id": "msg00026.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-10T15:37:49Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html" }, { "reference_url": "https://usn.ubuntu.com/5694-1/", "reference_id": "USN-5694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2020-12801" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1vte-fcdx-nfcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76364?format=api", "vulnerability_id": "VCID-1ykj-3m3w-1fez", "summary": "libreoffice: create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3044.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3044.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3044", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84966", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.8492", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84919", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84913", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84934", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84935", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84933", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84958", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84852", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.8487", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84872", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84895", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02355", "scoring_system": "epss", "scoring_elements": "0.84902", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3044" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3044", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3044" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280542", "reference_id": "2280542", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280542" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TU3TYDXICKPYHMCNL7ARYYBXACEAYJ4/", "reference_id": "3TU3TYDXICKPYHMCNL7ARYYBXACEAYJ4", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:55:50Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TU3TYDXICKPYHMCNL7ARYYBXACEAYJ4/" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2024-3044", "reference_id": "CVE-2024-3044", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:55:50Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2024-3044" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00016.html", "reference_id": "msg00016.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-16T18:55:50Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00016.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4242", "reference_id": "RHSA-2024:4242", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4242" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:4755", "reference_id": "RHSA-2024:4755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:4755" }, { "reference_url": "https://usn.ubuntu.com/6789-1/", "reference_id": "USN-6789-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6789-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2024-3044" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1ykj-3m3w-1fez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79727?format=api", "vulnerability_id": "VCID-3kcp-zzcm-kfc9", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00040.html" }, { "reference_url": "http://packetstormsecurity.com/files/156474/Open-Xchange-App-Suite-Documents-Server-Side-Request-Forgery.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://packetstormsecurity.com/files/156474/Open-Xchange-App-Suite-Documents-Server-Side-Request-Forgery.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9853.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9853.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9853", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52485", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52547", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52622", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52573", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52583", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52531", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52558", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52524", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52577", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.5257", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52621", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52605", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.5259", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52629", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52637", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9853" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9850", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9850" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9851", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9851" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9853", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9853" }, { "reference_url": "http://seclists.org/fulldisclosure/2020/Feb/23", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2020/Feb/23" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.apache.org/thread.html/19c917f7c8a0d8f62142046fabfe3e2c7d6091ef1f92b99c6e79e24e%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/19c917f7c8a0d8f62142046fabfe3e2c7d6091ef1f92b99c6e79e24e%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/27339e8a9a1e9bb47fbdb939b338256d0356250a1974aaf4d774f683%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/27339e8a9a1e9bb47fbdb939b338256d0356250a1974aaf4d774f683%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/306a374361891eb17c6cffc99c3d7be1d3152a99c839d4231edc1631%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/306a374361891eb17c6cffc99c3d7be1d3152a99c839d4231edc1631%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/3a5570ca5cd14ad08e24684c71cfeff3a507f108fe3cf30ba4f58226%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/3a5570ca5cd14ad08e24684c71cfeff3a507f108fe3cf30ba4f58226%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/4ae0e6e52600f408d943ded079d314733ce188b04b04471464f89c4f%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/4ae0e6e52600f408d943ded079d314733ce188b04b04471464f89c4f%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/70da9481dca267405e1d79e53942264765ef3f55c9a563c3737e3926%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/70da9481dca267405e1d79e53942264765ef3f55c9a563c3737e3926%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/7394e6b5f78a878bd0c44e9bc9adf90b8cdf49e9adc0f287145aba9b%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/9dc85d9937ad7f101047c53f78c00e8ceb135eaeff7dcf4724b46f2c%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/9dc85d9937ad7f101047c53f78c00e8ceb135eaeff7dcf4724b46f2c%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/a5231ad45b030b54828c7b0b62a7e7d4b48481c7cb83ff628e07fa43%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/a5231ad45b030b54828c7b0b62a7e7d4b48481c7cb83ff628e07fa43%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/a540d1b6f9a7ebb206adba02839f654a6ee63a7b0976f559a847e49a%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/a540d1b6f9a7ebb206adba02839f654a6ee63a7b0976f559a847e49a%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.apache.org/thread.html/ca216900abd846f0220fe18b95f9f787bdbe0e87fa4eee822073cd69%40%3Ccommits.openoffice.apache.org%3E", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.apache.org/thread.html/ca216900abd846f0220fe18b95f9f787bdbe0e87fa4eee822073cd69%40%3Ccommits.openoffice.apache.org%3E" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQGBRSD73KTDZ2MPAOL7FBWO3SQVYE5B/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQGBRSD73KTDZ2MPAOL7FBWO3SQVYE5B/" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9853/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9853/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797466", "reference_id": "1797466", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797466" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9853", "reference_id": "CVE-2019-9853", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9853" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1151", "reference_id": "RHSA-2020:1151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1598", "reference_id": "RHSA-2020:1598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1598" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037007?format=api", "purl": "pkg:deb/debian/libreoffice@1:5.2.7-1%2Bdeb9u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11vv-gd2v-2qhk" }, { "vulnerability": "VCID-1981-p3m3-sfhe" }, { "vulnerability": "VCID-1vte-fcdx-nfcd" }, { "vulnerability": "VCID-1ykj-3m3w-1fez" }, { "vulnerability": "VCID-3kcp-zzcm-kfc9" }, { "vulnerability": "VCID-5rdw-edhu-qbhf" }, { "vulnerability": "VCID-7y9n-6x5a-k3eg" }, { "vulnerability": "VCID-91c1-yujx-zbft" }, { "vulnerability": "VCID-b13x-6q14-gfau" }, { "vulnerability": "VCID-bywq-ypgf-xyae" }, { "vulnerability": "VCID-c1fx-u5yh-jucb" }, { "vulnerability": "VCID-dt65-hb25-t7ck" }, { "vulnerability": "VCID-hnaa-96w8-3uhu" }, { "vulnerability": "VCID-jew4-uq9k-93b3" }, { "vulnerability": "VCID-jmtk-qy9f-z3hu" }, { "vulnerability": "VCID-k36c-4eyp-p7hq" }, { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-ma9t-qst9-xbcm" }, { "vulnerability": "VCID-n34y-vynb-qbae" }, { "vulnerability": "VCID-pc43-5jvh-fbe2" }, { "vulnerability": "VCID-pkz4-5wxb-5qdc" }, { "vulnerability": "VCID-qt46-94xf-eyaz" }, { "vulnerability": "VCID-re5e-qp85-ybdd" }, { "vulnerability": "VCID-sega-433y-v7bb" }, { "vulnerability": "VCID-sqwy-enu1-1uep" }, { "vulnerability": "VCID-u1ry-xuyn-77fm" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-us6f-vsb9-83ck" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" }, { "vulnerability": "VCID-y2ja-v9xa-k7af" }, { "vulnerability": "VCID-zh9v-egc2-ufc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:5.2.7-1%252Bdeb9u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037966?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.1.5-3%2Bdeb10u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11vv-gd2v-2qhk" }, { "vulnerability": "VCID-1981-p3m3-sfhe" }, { "vulnerability": "VCID-1vte-fcdx-nfcd" }, { "vulnerability": "VCID-1ykj-3m3w-1fez" }, { "vulnerability": "VCID-3kcp-zzcm-kfc9" }, { "vulnerability": "VCID-5rdw-edhu-qbhf" }, { "vulnerability": "VCID-7y9n-6x5a-k3eg" }, { "vulnerability": "VCID-91c1-yujx-zbft" }, { "vulnerability": "VCID-b13x-6q14-gfau" }, { "vulnerability": "VCID-bywq-ypgf-xyae" }, { "vulnerability": "VCID-c1fx-u5yh-jucb" }, { "vulnerability": "VCID-dt65-hb25-t7ck" }, { "vulnerability": "VCID-hnaa-96w8-3uhu" }, { "vulnerability": "VCID-jew4-uq9k-93b3" }, { "vulnerability": "VCID-k36c-4eyp-p7hq" }, { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-ma9t-qst9-xbcm" }, { "vulnerability": "VCID-n34y-vynb-qbae" }, { "vulnerability": "VCID-pc43-5jvh-fbe2" }, { "vulnerability": "VCID-pkz4-5wxb-5qdc" }, { "vulnerability": "VCID-re5e-qp85-ybdd" }, { "vulnerability": "VCID-sega-433y-v7bb" }, { "vulnerability": "VCID-u1ry-xuyn-77fm" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" }, { "vulnerability": "VCID-y2ja-v9xa-k7af" }, { "vulnerability": "VCID-zh9v-egc2-ufc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.1.5-3%252Bdeb10u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2019-9853" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3kcp-zzcm-kfc9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79728?format=api", "vulnerability_id": "VCID-5rdw-edhu-qbhf", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00067.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00055.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9854.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9854.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9854", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73276", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73416", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73371", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73405", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73418", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73286", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.7331", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73282", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73318", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73331", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73355", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73335", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73327", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.7337", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73378", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9854" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00005.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XQKKOIY2DMZCXJINOLIQXD2NWISDKK3N/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XQKKOIY2DMZCXJINOLIQXD2NWISDKK3N/" }, { "reference_url": "https://seclists.org/bugtraq/2019/Sep/17", "reference_id": "", "reference_type": "", "scores": [], "url": "https://seclists.org/bugtraq/2019/Sep/17" }, { "reference_url": "https://www.debian.org/security/2019/dsa-4519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2019/dsa-4519" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2019-9854/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1769907", "reference_id": "1769907", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1769907" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9854", "reference_id": "CVE-2019-9854", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9854" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1151", "reference_id": "RHSA-2020:1151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1598", "reference_id": "RHSA-2020:1598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1598" }, { "reference_url": "https://usn.ubuntu.com/4138-1/", "reference_id": "USN-4138-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4138-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037007?format=api", "purl": "pkg:deb/debian/libreoffice@1:5.2.7-1%2Bdeb9u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11vv-gd2v-2qhk" }, { "vulnerability": "VCID-1981-p3m3-sfhe" }, { "vulnerability": "VCID-1vte-fcdx-nfcd" }, { "vulnerability": "VCID-1ykj-3m3w-1fez" }, { "vulnerability": "VCID-3kcp-zzcm-kfc9" }, { "vulnerability": "VCID-5rdw-edhu-qbhf" }, { "vulnerability": "VCID-7y9n-6x5a-k3eg" }, { "vulnerability": "VCID-91c1-yujx-zbft" }, { "vulnerability": "VCID-b13x-6q14-gfau" }, { "vulnerability": "VCID-bywq-ypgf-xyae" }, { "vulnerability": "VCID-c1fx-u5yh-jucb" }, { "vulnerability": "VCID-dt65-hb25-t7ck" }, { "vulnerability": "VCID-hnaa-96w8-3uhu" }, { "vulnerability": "VCID-jew4-uq9k-93b3" }, { "vulnerability": "VCID-jmtk-qy9f-z3hu" }, { "vulnerability": "VCID-k36c-4eyp-p7hq" }, { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-ma9t-qst9-xbcm" }, { "vulnerability": "VCID-n34y-vynb-qbae" }, { "vulnerability": "VCID-pc43-5jvh-fbe2" }, { "vulnerability": "VCID-pkz4-5wxb-5qdc" }, { "vulnerability": "VCID-qt46-94xf-eyaz" }, { "vulnerability": "VCID-re5e-qp85-ybdd" }, { "vulnerability": "VCID-sega-433y-v7bb" }, { "vulnerability": "VCID-sqwy-enu1-1uep" }, { "vulnerability": "VCID-u1ry-xuyn-77fm" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-us6f-vsb9-83ck" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" }, { "vulnerability": "VCID-y2ja-v9xa-k7af" }, { "vulnerability": "VCID-zh9v-egc2-ufc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:5.2.7-1%252Bdeb9u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037966?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.1.5-3%2Bdeb10u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11vv-gd2v-2qhk" }, { "vulnerability": "VCID-1981-p3m3-sfhe" }, { "vulnerability": "VCID-1vte-fcdx-nfcd" }, { "vulnerability": "VCID-1ykj-3m3w-1fez" }, { "vulnerability": "VCID-3kcp-zzcm-kfc9" }, { "vulnerability": "VCID-5rdw-edhu-qbhf" }, { "vulnerability": "VCID-7y9n-6x5a-k3eg" }, { "vulnerability": "VCID-91c1-yujx-zbft" }, { "vulnerability": "VCID-b13x-6q14-gfau" }, { "vulnerability": "VCID-bywq-ypgf-xyae" }, { "vulnerability": "VCID-c1fx-u5yh-jucb" }, { "vulnerability": "VCID-dt65-hb25-t7ck" }, { "vulnerability": "VCID-hnaa-96w8-3uhu" }, { "vulnerability": "VCID-jew4-uq9k-93b3" }, { "vulnerability": "VCID-k36c-4eyp-p7hq" }, { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-ma9t-qst9-xbcm" }, { "vulnerability": "VCID-n34y-vynb-qbae" }, { "vulnerability": "VCID-pc43-5jvh-fbe2" }, { "vulnerability": "VCID-pkz4-5wxb-5qdc" }, { "vulnerability": "VCID-re5e-qp85-ybdd" }, { "vulnerability": "VCID-sega-433y-v7bb" }, { "vulnerability": "VCID-u1ry-xuyn-77fm" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" }, { "vulnerability": "VCID-y2ja-v9xa-k7af" }, { "vulnerability": "VCID-zh9v-egc2-ufc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.1.5-3%252Bdeb10u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2019-9854" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5rdw-edhu-qbhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60133?format=api", "vulnerability_id": "VCID-7y9n-6x5a-k3eg", "summary": "Multiple vulnerabilities have been found in LibreOffice, the worst of which could result in user-assisted code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6186.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6186.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6186", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.7785", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77878", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77859", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77886", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77891", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77918", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01086", "scoring_system": "epss", "scoring_elements": "0.77902", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01287", "scoring_system": "epss", "scoring_elements": "0.79718", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01287", "scoring_system": "epss", "scoring_elements": "0.79663", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01287", "scoring_system": "epss", "scoring_elements": "0.79662", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01287", "scoring_system": "epss", "scoring_elements": "0.79666", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01287", "scoring_system": "epss", "scoring_elements": "0.79696", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01287", "scoring_system": "epss", "scoring_elements": "0.79703", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6186" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6186", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6186" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254005", "reference_id": "2254005", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254005" }, { "reference_url": "https://security.gentoo.org/glsa/202402-29", "reference_id": "GLSA-202402-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-29" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1423", "reference_id": "RHSA-2024:1423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1425", "reference_id": "RHSA-2024:1425", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1425" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1427", "reference_id": "RHSA-2024:1427", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1473", "reference_id": "RHSA-2024:1473", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1473" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1480", "reference_id": "RHSA-2024:1480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1512", "reference_id": "RHSA-2024:1512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1513", "reference_id": "RHSA-2024:1513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1514", "reference_id": "RHSA-2024:1514", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:1514" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3835", "reference_id": "RHSA-2024:3835", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:3835" }, { "reference_url": "https://usn.ubuntu.com/6546-1/", "reference_id": "USN-6546-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6546-1/" }, { "reference_url": "https://usn.ubuntu.com/6546-2/", "reference_id": "USN-6546-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6546-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2023-6186" ], "risk_score": 3.8, "exploitability": "0.5", "weighted_severity": "7.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7y9n-6x5a-k3eg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79644?format=api", "vulnerability_id": "VCID-91c1-yujx-zbft", "summary": "libreoffice: Incorrect trust validation of signature with ambiguous KeyInfo children", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25636.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25636.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25636", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38994", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.3918", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39202", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39121", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39176", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39192", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39152", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39115", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39095", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.3915", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.3912", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39032", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38823", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.388", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38717", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25636" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25636", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25636" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056955", "reference_id": "2056955", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2056955" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7461", "reference_id": "RHSA-2022:7461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7461" }, { "reference_url": "https://usn.ubuntu.com/5330-1/", "reference_id": "USN-5330-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5330-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2021-25636" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-91c1-yujx-zbft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80006?format=api", "vulnerability_id": "VCID-b13x-6q14-gfau", "summary": "libreoffice: Timestamp Manipulation with Signature Wrapping", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25634.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25634.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25634", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.6095", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61027", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61056", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61021", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.6107", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61086", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61107", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61093", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61074", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61116", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61122", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61106", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61095", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.611", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25634" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013151", "reference_id": "2013151", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1766", "reference_id": "RHSA-2022:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1766" }, { "reference_url": "https://usn.ubuntu.com/5153-1/", "reference_id": "USN-5153-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5153-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2021-25634" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b13x-6q14-gfau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41757?format=api", "vulnerability_id": "VCID-bywq-ypgf-xyae", "summary": "A vulnerability has been discovered in LibreOffice which could result in arbitrary script execution via crafted links.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3140.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3140.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3140", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79967", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79943", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79949", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79841", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79862", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.7985", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79879", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79886", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79907", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.7989", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79882", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79911", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79912", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01322", "scoring_system": "epss", "scoring_elements": "0.79915", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3140" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134697", "reference_id": "2134697", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134697" }, { "reference_url": "https://security.archlinux.org/AVG-2806", "reference_id": "AVG-2806", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2806" }, { "reference_url": "https://security.archlinux.org/AVG-2807", "reference_id": "AVG-2807", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2807" }, { "reference_url": "https://security.gentoo.org/glsa/202212-04", "reference_id": "GLSA-202212-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202212-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0089", "reference_id": "RHSA-2023:0089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0089" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0304", "reference_id": "RHSA-2023:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0304" }, { "reference_url": "https://usn.ubuntu.com/5694-1/", "reference_id": "USN-5694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2022-3140" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bywq-ypgf-xyae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79724?format=api", "vulnerability_id": "VCID-c1fx-u5yh-jucb", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9850.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9850.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9850", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.863", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86311", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86329", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.8633", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86347", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86357", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86371", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86369", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86363", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.8638", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86385", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86378", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86398", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86408", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02907", "scoring_system": "epss", "scoring_elements": "0.86404", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9850" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9850", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9850" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9851", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9851" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9853", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9853" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744862", "reference_id": "1744862", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1151", "reference_id": "RHSA-2020:1151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1598", "reference_id": "RHSA-2020:1598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1598" }, { "reference_url": "https://usn.ubuntu.com/4102-1/", "reference_id": "USN-4102-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4102-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037007?format=api", "purl": "pkg:deb/debian/libreoffice@1:5.2.7-1%2Bdeb9u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11vv-gd2v-2qhk" }, { "vulnerability": "VCID-1981-p3m3-sfhe" }, { "vulnerability": "VCID-1vte-fcdx-nfcd" }, { "vulnerability": "VCID-1ykj-3m3w-1fez" }, { "vulnerability": "VCID-3kcp-zzcm-kfc9" }, { "vulnerability": "VCID-5rdw-edhu-qbhf" }, { "vulnerability": "VCID-7y9n-6x5a-k3eg" }, { "vulnerability": "VCID-91c1-yujx-zbft" }, { "vulnerability": "VCID-b13x-6q14-gfau" }, { "vulnerability": "VCID-bywq-ypgf-xyae" }, { "vulnerability": "VCID-c1fx-u5yh-jucb" }, { "vulnerability": "VCID-dt65-hb25-t7ck" }, { "vulnerability": "VCID-hnaa-96w8-3uhu" }, { "vulnerability": "VCID-jew4-uq9k-93b3" }, { "vulnerability": "VCID-jmtk-qy9f-z3hu" }, { "vulnerability": "VCID-k36c-4eyp-p7hq" }, { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-ma9t-qst9-xbcm" }, { "vulnerability": "VCID-n34y-vynb-qbae" }, { "vulnerability": "VCID-pc43-5jvh-fbe2" }, { "vulnerability": "VCID-pkz4-5wxb-5qdc" }, { "vulnerability": "VCID-qt46-94xf-eyaz" }, { "vulnerability": "VCID-re5e-qp85-ybdd" }, { "vulnerability": "VCID-sega-433y-v7bb" }, { "vulnerability": "VCID-sqwy-enu1-1uep" }, { "vulnerability": "VCID-u1ry-xuyn-77fm" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-us6f-vsb9-83ck" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" }, { "vulnerability": "VCID-y2ja-v9xa-k7af" }, { "vulnerability": "VCID-zh9v-egc2-ufc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:5.2.7-1%252Bdeb9u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037966?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.1.5-3%2Bdeb10u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11vv-gd2v-2qhk" }, { "vulnerability": "VCID-1981-p3m3-sfhe" }, { "vulnerability": "VCID-1vte-fcdx-nfcd" }, { "vulnerability": "VCID-1ykj-3m3w-1fez" }, { "vulnerability": "VCID-3kcp-zzcm-kfc9" }, { "vulnerability": "VCID-5rdw-edhu-qbhf" }, { "vulnerability": "VCID-7y9n-6x5a-k3eg" }, { "vulnerability": "VCID-91c1-yujx-zbft" }, { "vulnerability": "VCID-b13x-6q14-gfau" }, { "vulnerability": "VCID-bywq-ypgf-xyae" }, { "vulnerability": "VCID-c1fx-u5yh-jucb" }, { "vulnerability": "VCID-dt65-hb25-t7ck" }, { "vulnerability": "VCID-hnaa-96w8-3uhu" }, { "vulnerability": "VCID-jew4-uq9k-93b3" }, { "vulnerability": "VCID-k36c-4eyp-p7hq" }, { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-ma9t-qst9-xbcm" }, { "vulnerability": "VCID-n34y-vynb-qbae" }, { "vulnerability": "VCID-pc43-5jvh-fbe2" }, { "vulnerability": "VCID-pkz4-5wxb-5qdc" }, { "vulnerability": "VCID-re5e-qp85-ybdd" }, { "vulnerability": "VCID-sega-433y-v7bb" }, { "vulnerability": "VCID-u1ry-xuyn-77fm" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" }, { "vulnerability": "VCID-y2ja-v9xa-k7af" }, { "vulnerability": "VCID-zh9v-egc2-ufc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.1.5-3%252Bdeb10u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2019-9850" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c1fx-u5yh-jucb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81206?format=api", "vulnerability_id": "VCID-dt65-hb25-t7ck", "summary": "libreoffice: 'stealth mode' remote resource restrictions bypass", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12802.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12802.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12802", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60615", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60766", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60788", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60774", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.6069", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.6072", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60685", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60733", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60749", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60773", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.6076", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60741", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60783", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12802" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850226", "reference_id": "1850226", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850226" }, { "reference_url": "https://security.archlinux.org/AVG-1184", "reference_id": "AVG-1184", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4628", "reference_id": "RHSA-2020:4628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4628" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2020-12802" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dt65-hb25-t7ck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79181?format=api", "vulnerability_id": "VCID-hnaa-96w8-3uhu", "summary": "libreoffice: Execution of Untrusted Macros Due to Improper Certificate Validation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26305.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26305.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26305", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72209", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72162", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72205", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72214", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72088", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72109", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72085", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72122", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72134", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72157", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72141", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72127", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72168", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00706", "scoring_system": "epss", "scoring_elements": "0.72176", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26305" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118611", "reference_id": "2118611", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118611" }, { "reference_url": "https://security.archlinux.org/AVG-2783", "reference_id": "AVG-2783", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2783" }, { "reference_url": "https://security.archlinux.org/AVG-2784", "reference_id": "AVG-2784", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0089", "reference_id": "RHSA-2023:0089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0089" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0304", "reference_id": "RHSA-2023:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0304" }, { "reference_url": "https://usn.ubuntu.com/5661-1/", "reference_id": "USN-5661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5661-1/" }, { "reference_url": "https://usn.ubuntu.com/5694-1/", "reference_id": "USN-5694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2022-26305" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hnaa-96w8-3uhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78551?format=api", "vulnerability_id": "VCID-jew4-uq9k-93b3", "summary": "libreoffice: Empty entry in Java class path", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38745.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38745.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38745", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28851", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28813", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.289", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28707", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28773", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32092", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.31968", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.31886", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32283", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.3232", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32296", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32267", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32349", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32311", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38745" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182044", "reference_id": "2182044", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182044" }, { "reference_url": "https://www.openoffice.org/security/cves/CVE-2022-38745.html", "reference_id": "CVE-2022-38745.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-13T14:37:34Z/" } ], "url": "https://www.openoffice.org/security/cves/CVE-2022-38745.html" }, { "reference_url": "https://lists.apache.org/thread/q3noq7m681kvtb29m28x74q8cnwnzzo0", "reference_id": "q3noq7m681kvtb29m28x74q8cnwnzzo0", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-13T14:37:34Z/" } ], "url": "https://lists.apache.org/thread/q3noq7m681kvtb29m28x74q8cnwnzzo0" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6508", "reference_id": "RHSA-2023:6508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6933", "reference_id": "RHSA-2023:6933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6933" }, { "reference_url": "https://usn.ubuntu.com/6023-1/", "reference_id": "USN-6023-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6023-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2022-38745" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jew4-uq9k-93b3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56784?format=api", "vulnerability_id": "VCID-k36c-4eyp-p7hq", "summary": "Multiple vulnerabilities have been found in LibreOffice, the worst\n of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9848.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9848.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9848", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.86558", "scoring_system": "epss", "scoring_elements": "0.9941", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.86558", "scoring_system": "epss", "scoring_elements": "0.99421", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.86558", "scoring_system": "epss", "scoring_elements": "0.99418", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.86558", "scoring_system": "epss", "scoring_elements": "0.9942", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.86558", "scoring_system": "epss", "scoring_elements": "0.99419", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.86558", "scoring_system": "epss", "scoring_elements": "0.99412", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.86558", "scoring_system": "epss", "scoring_elements": "0.99413", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.86558", "scoring_system": "epss", "scoring_elements": "0.99414", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.86558", "scoring_system": "epss", "scoring_elements": "0.99416", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.86558", "scoring_system": "epss", "scoring_elements": "0.99417", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9848" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9848", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9848" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9849", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9849" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737427", "reference_id": "1737427", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737427" }, { "reference_url": "https://security.archlinux.org/ASA-201908-9", "reference_id": "ASA-201908-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201908-9" }, { "reference_url": "https://security.archlinux.org/AVG-1009", "reference_id": "AVG-1009", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1009" }, { "reference_url": "https://security.archlinux.org/AVG-1010", "reference_id": "AVG-1010", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1010" }, { "reference_url": "https://security.gentoo.org/glsa/201908-13", "reference_id": "GLSA-201908-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201908-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1151", "reference_id": "RHSA-2020:1151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1151" }, { "reference_url": "https://usn.ubuntu.com/4063-1/", "reference_id": "USN-4063-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4063-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037007?format=api", "purl": "pkg:deb/debian/libreoffice@1:5.2.7-1%2Bdeb9u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11vv-gd2v-2qhk" }, { "vulnerability": "VCID-1981-p3m3-sfhe" }, { "vulnerability": "VCID-1vte-fcdx-nfcd" }, { "vulnerability": "VCID-1ykj-3m3w-1fez" }, { "vulnerability": "VCID-3kcp-zzcm-kfc9" }, { "vulnerability": "VCID-5rdw-edhu-qbhf" }, { "vulnerability": "VCID-7y9n-6x5a-k3eg" }, { "vulnerability": "VCID-91c1-yujx-zbft" }, { "vulnerability": "VCID-b13x-6q14-gfau" }, { "vulnerability": "VCID-bywq-ypgf-xyae" }, { "vulnerability": "VCID-c1fx-u5yh-jucb" }, { "vulnerability": "VCID-dt65-hb25-t7ck" }, { "vulnerability": "VCID-hnaa-96w8-3uhu" }, { "vulnerability": "VCID-jew4-uq9k-93b3" }, { "vulnerability": "VCID-jmtk-qy9f-z3hu" }, { "vulnerability": "VCID-k36c-4eyp-p7hq" }, { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-ma9t-qst9-xbcm" }, { "vulnerability": "VCID-n34y-vynb-qbae" }, { "vulnerability": "VCID-pc43-5jvh-fbe2" }, { "vulnerability": "VCID-pkz4-5wxb-5qdc" }, { "vulnerability": "VCID-qt46-94xf-eyaz" }, { "vulnerability": "VCID-re5e-qp85-ybdd" }, { "vulnerability": "VCID-sega-433y-v7bb" }, { "vulnerability": "VCID-sqwy-enu1-1uep" }, { "vulnerability": "VCID-u1ry-xuyn-77fm" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-us6f-vsb9-83ck" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" }, { "vulnerability": "VCID-y2ja-v9xa-k7af" }, { "vulnerability": "VCID-zh9v-egc2-ufc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:5.2.7-1%252Bdeb9u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037966?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.1.5-3%2Bdeb10u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11vv-gd2v-2qhk" }, { "vulnerability": "VCID-1981-p3m3-sfhe" }, { "vulnerability": "VCID-1vte-fcdx-nfcd" }, { "vulnerability": "VCID-1ykj-3m3w-1fez" }, { "vulnerability": "VCID-3kcp-zzcm-kfc9" }, { "vulnerability": "VCID-5rdw-edhu-qbhf" }, { "vulnerability": "VCID-7y9n-6x5a-k3eg" }, { "vulnerability": "VCID-91c1-yujx-zbft" }, { "vulnerability": "VCID-b13x-6q14-gfau" }, { "vulnerability": "VCID-bywq-ypgf-xyae" }, { "vulnerability": "VCID-c1fx-u5yh-jucb" }, { "vulnerability": "VCID-dt65-hb25-t7ck" }, { "vulnerability": "VCID-hnaa-96w8-3uhu" }, { "vulnerability": "VCID-jew4-uq9k-93b3" }, { "vulnerability": "VCID-k36c-4eyp-p7hq" }, { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-ma9t-qst9-xbcm" }, { "vulnerability": "VCID-n34y-vynb-qbae" }, { "vulnerability": "VCID-pc43-5jvh-fbe2" }, { "vulnerability": "VCID-pkz4-5wxb-5qdc" }, { "vulnerability": "VCID-re5e-qp85-ybdd" }, { "vulnerability": "VCID-sega-433y-v7bb" }, { "vulnerability": "VCID-u1ry-xuyn-77fm" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" }, { "vulnerability": "VCID-y2ja-v9xa-k7af" }, { "vulnerability": "VCID-zh9v-egc2-ufc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.1.5-3%252Bdeb10u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2019-9848" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k36c-4eyp-p7hq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74457?format=api", "vulnerability_id": "VCID-ma9t-qst9-xbcm", "summary": "libreoffice: Ability to trust not validated macro signatures removed in high security mode", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6472.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6472.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6472", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22225", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22397", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22245", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22231", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22545", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22588", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22377", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22458", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22513", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22532", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.2249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22435", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22451", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22448", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6472" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302866", "reference_id": "2302866", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302866" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2024-6472", "reference_id": "CVE-2024-6472", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-05T14:28:03Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2024-6472" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5583", "reference_id": "RHSA-2024:5583", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5583" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5584", "reference_id": "RHSA-2024:5584", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5584" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5598", "reference_id": "RHSA-2024:5598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5599", "reference_id": "RHSA-2024:5599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5601", "reference_id": "RHSA-2024:5601", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5607", "reference_id": "RHSA-2024:5607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5608", "reference_id": "RHSA-2024:5608", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5886", "reference_id": "RHSA-2024:5886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:5886" }, { "reference_url": "https://usn.ubuntu.com/6962-1/", "reference_id": "USN-6962-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6962-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2024-6472" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ma9t-qst9-xbcm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79180?format=api", "vulnerability_id": "VCID-n34y-vynb-qbae", "summary": "libreoffice: Weak Master Keys", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26307.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-26307.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26307", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52722", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52819", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52802", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52751", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52718", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52745", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.5271", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52761", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52756", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52807", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52791", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52774", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52811", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-26307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26307" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118610", "reference_id": "2118610", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2118610" }, { "reference_url": "https://security.archlinux.org/AVG-2783", "reference_id": "AVG-2783", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2783" }, { "reference_url": "https://security.archlinux.org/AVG-2784", "reference_id": "AVG-2784", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2784" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0089", "reference_id": "RHSA-2023:0089", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0089" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0304", "reference_id": "RHSA-2023:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0304" }, { "reference_url": "https://usn.ubuntu.com/5661-1/", "reference_id": "USN-5661-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5661-1/" }, { "reference_url": "https://usn.ubuntu.com/5694-1/", "reference_id": "USN-5694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2022-26307" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n34y-vynb-qbae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79726?format=api", "vulnerability_id": "VCID-pc43-5jvh-fbe2", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9852.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9852.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9852", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28954", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.2903", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.2908", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28889", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28957", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.29", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.29003", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28959", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28909", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28933", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28863", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28744", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28633", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28563", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9850", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9850" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9851", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9851" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9853", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9853" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744868", "reference_id": "1744868", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1151", "reference_id": "RHSA-2020:1151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1598", "reference_id": "RHSA-2020:1598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1598" }, { "reference_url": "https://usn.ubuntu.com/4102-1/", "reference_id": "USN-4102-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4102-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037007?format=api", "purl": "pkg:deb/debian/libreoffice@1:5.2.7-1%2Bdeb9u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11vv-gd2v-2qhk" }, { "vulnerability": "VCID-1981-p3m3-sfhe" }, { "vulnerability": "VCID-1vte-fcdx-nfcd" }, { "vulnerability": "VCID-1ykj-3m3w-1fez" }, { "vulnerability": "VCID-3kcp-zzcm-kfc9" }, { "vulnerability": "VCID-5rdw-edhu-qbhf" }, { "vulnerability": "VCID-7y9n-6x5a-k3eg" }, { "vulnerability": "VCID-91c1-yujx-zbft" }, { "vulnerability": "VCID-b13x-6q14-gfau" }, { "vulnerability": "VCID-bywq-ypgf-xyae" }, { "vulnerability": "VCID-c1fx-u5yh-jucb" }, { "vulnerability": "VCID-dt65-hb25-t7ck" }, { "vulnerability": "VCID-hnaa-96w8-3uhu" }, { "vulnerability": "VCID-jew4-uq9k-93b3" }, { "vulnerability": "VCID-jmtk-qy9f-z3hu" }, { "vulnerability": "VCID-k36c-4eyp-p7hq" }, { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-ma9t-qst9-xbcm" }, { "vulnerability": "VCID-n34y-vynb-qbae" }, { "vulnerability": "VCID-pc43-5jvh-fbe2" }, { "vulnerability": "VCID-pkz4-5wxb-5qdc" }, { "vulnerability": "VCID-qt46-94xf-eyaz" }, { "vulnerability": "VCID-re5e-qp85-ybdd" }, { "vulnerability": "VCID-sega-433y-v7bb" }, { "vulnerability": "VCID-sqwy-enu1-1uep" }, { "vulnerability": "VCID-u1ry-xuyn-77fm" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-us6f-vsb9-83ck" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" }, { "vulnerability": "VCID-y2ja-v9xa-k7af" }, { "vulnerability": "VCID-zh9v-egc2-ufc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:5.2.7-1%252Bdeb9u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037966?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.1.5-3%2Bdeb10u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11vv-gd2v-2qhk" }, { "vulnerability": "VCID-1981-p3m3-sfhe" }, { "vulnerability": "VCID-1vte-fcdx-nfcd" }, { "vulnerability": "VCID-1ykj-3m3w-1fez" }, { "vulnerability": "VCID-3kcp-zzcm-kfc9" }, { "vulnerability": "VCID-5rdw-edhu-qbhf" }, { "vulnerability": "VCID-7y9n-6x5a-k3eg" }, { "vulnerability": "VCID-91c1-yujx-zbft" }, { "vulnerability": "VCID-b13x-6q14-gfau" }, { "vulnerability": "VCID-bywq-ypgf-xyae" }, { "vulnerability": "VCID-c1fx-u5yh-jucb" }, { "vulnerability": "VCID-dt65-hb25-t7ck" }, { "vulnerability": "VCID-hnaa-96w8-3uhu" }, { "vulnerability": "VCID-jew4-uq9k-93b3" }, { "vulnerability": "VCID-k36c-4eyp-p7hq" }, { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-ma9t-qst9-xbcm" }, { "vulnerability": "VCID-n34y-vynb-qbae" }, { "vulnerability": "VCID-pc43-5jvh-fbe2" }, { "vulnerability": "VCID-pkz4-5wxb-5qdc" }, { "vulnerability": "VCID-re5e-qp85-ybdd" }, { "vulnerability": "VCID-sega-433y-v7bb" }, { "vulnerability": "VCID-u1ry-xuyn-77fm" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" }, { "vulnerability": "VCID-y2ja-v9xa-k7af" }, { "vulnerability": "VCID-zh9v-egc2-ufc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.1.5-3%252Bdeb10u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2019-9852" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pc43-5jvh-fbe2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56785?format=api", "vulnerability_id": "VCID-pkz4-5wxb-5qdc", "summary": "Multiple vulnerabilities have been found in LibreOffice, the worst\n of which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9849.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9849.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9849", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87645", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87732", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.8771", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87728", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87733", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87655", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87668", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87669", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.8769", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87696", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87707", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87701", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87698", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03556", "scoring_system": "epss", "scoring_elements": "0.87713", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9849" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9848", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9848" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9849", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9849" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737421", "reference_id": "1737421", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737421" }, { "reference_url": "https://security.archlinux.org/ASA-201908-9", "reference_id": "ASA-201908-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201908-9" }, { "reference_url": "https://security.archlinux.org/AVG-1009", "reference_id": "AVG-1009", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1009" }, { "reference_url": "https://security.archlinux.org/AVG-1010", "reference_id": "AVG-1010", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1010" }, { "reference_url": "https://security.gentoo.org/glsa/201908-13", "reference_id": "GLSA-201908-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201908-13" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1151", "reference_id": "RHSA-2020:1151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1598", "reference_id": "RHSA-2020:1598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1598" }, { "reference_url": "https://usn.ubuntu.com/4063-1/", "reference_id": "USN-4063-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4063-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037007?format=api", "purl": "pkg:deb/debian/libreoffice@1:5.2.7-1%2Bdeb9u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11vv-gd2v-2qhk" }, { "vulnerability": "VCID-1981-p3m3-sfhe" }, { "vulnerability": "VCID-1vte-fcdx-nfcd" }, { "vulnerability": "VCID-1ykj-3m3w-1fez" }, { "vulnerability": "VCID-3kcp-zzcm-kfc9" }, { "vulnerability": "VCID-5rdw-edhu-qbhf" }, { "vulnerability": "VCID-7y9n-6x5a-k3eg" }, { "vulnerability": "VCID-91c1-yujx-zbft" }, { "vulnerability": "VCID-b13x-6q14-gfau" }, { "vulnerability": "VCID-bywq-ypgf-xyae" }, { "vulnerability": "VCID-c1fx-u5yh-jucb" }, { "vulnerability": "VCID-dt65-hb25-t7ck" }, { "vulnerability": "VCID-hnaa-96w8-3uhu" }, { "vulnerability": "VCID-jew4-uq9k-93b3" }, { "vulnerability": "VCID-jmtk-qy9f-z3hu" }, { "vulnerability": "VCID-k36c-4eyp-p7hq" }, { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-ma9t-qst9-xbcm" }, { "vulnerability": "VCID-n34y-vynb-qbae" }, { "vulnerability": "VCID-pc43-5jvh-fbe2" }, { "vulnerability": "VCID-pkz4-5wxb-5qdc" }, { "vulnerability": "VCID-qt46-94xf-eyaz" }, { "vulnerability": "VCID-re5e-qp85-ybdd" }, { "vulnerability": "VCID-sega-433y-v7bb" }, { "vulnerability": "VCID-sqwy-enu1-1uep" }, { "vulnerability": "VCID-u1ry-xuyn-77fm" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-us6f-vsb9-83ck" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" }, { "vulnerability": "VCID-y2ja-v9xa-k7af" }, { "vulnerability": "VCID-zh9v-egc2-ufc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:5.2.7-1%252Bdeb9u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037966?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.1.5-3%2Bdeb10u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11vv-gd2v-2qhk" }, { "vulnerability": "VCID-1981-p3m3-sfhe" }, { "vulnerability": "VCID-1vte-fcdx-nfcd" }, { "vulnerability": "VCID-1ykj-3m3w-1fez" }, { "vulnerability": "VCID-3kcp-zzcm-kfc9" }, { "vulnerability": "VCID-5rdw-edhu-qbhf" }, { "vulnerability": "VCID-7y9n-6x5a-k3eg" }, { "vulnerability": "VCID-91c1-yujx-zbft" }, { "vulnerability": "VCID-b13x-6q14-gfau" }, { "vulnerability": "VCID-bywq-ypgf-xyae" }, { "vulnerability": "VCID-c1fx-u5yh-jucb" }, { "vulnerability": "VCID-dt65-hb25-t7ck" }, { "vulnerability": "VCID-hnaa-96w8-3uhu" }, { "vulnerability": "VCID-jew4-uq9k-93b3" }, { "vulnerability": "VCID-k36c-4eyp-p7hq" }, { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-ma9t-qst9-xbcm" }, { "vulnerability": "VCID-n34y-vynb-qbae" }, { "vulnerability": "VCID-pc43-5jvh-fbe2" }, { "vulnerability": "VCID-pkz4-5wxb-5qdc" }, { "vulnerability": "VCID-re5e-qp85-ybdd" }, { "vulnerability": "VCID-sega-433y-v7bb" }, { "vulnerability": "VCID-u1ry-xuyn-77fm" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" }, { "vulnerability": "VCID-y2ja-v9xa-k7af" }, { "vulnerability": "VCID-zh9v-egc2-ufc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.1.5-3%252Bdeb10u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2019-9849" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pkz4-5wxb-5qdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80005?format=api", "vulnerability_id": "VCID-re5e-qp85-ybdd", "summary": "libreoffice: Content Manipulation with Double Certificate Attack", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25633.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-25633.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25633", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67065", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67102", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67126", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.671", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.6715", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67163", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67182", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67168", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67137", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67171", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67185", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67165", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67186", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00528", "scoring_system": "epss", "scoring_elements": "0.67198", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-25633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25634" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013135", "reference_id": "2013135", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2013135" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1766", "reference_id": "RHSA-2022:1766", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1766" }, { "reference_url": "https://usn.ubuntu.com/5153-1/", "reference_id": "USN-5153-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5153-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2021-25633" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-re5e-qp85-ybdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79725?format=api", "vulnerability_id": "VCID-sega-433y-v7bb", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9851.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9851.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9851", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99375", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99376", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99377", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99379", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.9938", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99381", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99382", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99384", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99383", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99385", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.85784", "scoring_system": "epss", "scoring_elements": "0.99386", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9851" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9850", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9850" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9851", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9851" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9852", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9852" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9853", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9853" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744866", "reference_id": "1744866", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1744866" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/47298.rb", "reference_id": "CVE-2019-9851", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/47298.rb" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1151", "reference_id": "RHSA-2020:1151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1151" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1598", "reference_id": "RHSA-2020:1598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1598" }, { "reference_url": "https://usn.ubuntu.com/4102-1/", "reference_id": "USN-4102-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4102-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037007?format=api", "purl": "pkg:deb/debian/libreoffice@1:5.2.7-1%2Bdeb9u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11vv-gd2v-2qhk" }, { "vulnerability": "VCID-1981-p3m3-sfhe" }, { "vulnerability": "VCID-1vte-fcdx-nfcd" }, { "vulnerability": "VCID-1ykj-3m3w-1fez" }, { "vulnerability": "VCID-3kcp-zzcm-kfc9" }, { "vulnerability": "VCID-5rdw-edhu-qbhf" }, { "vulnerability": "VCID-7y9n-6x5a-k3eg" }, { "vulnerability": "VCID-91c1-yujx-zbft" }, { "vulnerability": "VCID-b13x-6q14-gfau" }, { "vulnerability": "VCID-bywq-ypgf-xyae" }, { "vulnerability": "VCID-c1fx-u5yh-jucb" }, { "vulnerability": "VCID-dt65-hb25-t7ck" }, { "vulnerability": "VCID-hnaa-96w8-3uhu" }, { "vulnerability": "VCID-jew4-uq9k-93b3" }, { "vulnerability": "VCID-jmtk-qy9f-z3hu" }, { "vulnerability": "VCID-k36c-4eyp-p7hq" }, { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-ma9t-qst9-xbcm" }, { "vulnerability": "VCID-n34y-vynb-qbae" }, { "vulnerability": "VCID-pc43-5jvh-fbe2" }, { "vulnerability": "VCID-pkz4-5wxb-5qdc" }, { "vulnerability": "VCID-qt46-94xf-eyaz" }, { "vulnerability": "VCID-re5e-qp85-ybdd" }, { "vulnerability": "VCID-sega-433y-v7bb" }, { "vulnerability": "VCID-sqwy-enu1-1uep" }, { "vulnerability": "VCID-u1ry-xuyn-77fm" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-us6f-vsb9-83ck" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" }, { "vulnerability": "VCID-y2ja-v9xa-k7af" }, { "vulnerability": "VCID-zh9v-egc2-ufc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:5.2.7-1%252Bdeb9u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037966?format=api", "purl": "pkg:deb/debian/libreoffice@1:6.1.5-3%2Bdeb10u7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-11vv-gd2v-2qhk" }, { "vulnerability": "VCID-1981-p3m3-sfhe" }, { "vulnerability": "VCID-1vte-fcdx-nfcd" }, { "vulnerability": "VCID-1ykj-3m3w-1fez" }, { "vulnerability": "VCID-3kcp-zzcm-kfc9" }, { "vulnerability": "VCID-5rdw-edhu-qbhf" }, { "vulnerability": "VCID-7y9n-6x5a-k3eg" }, { "vulnerability": "VCID-91c1-yujx-zbft" }, { "vulnerability": "VCID-b13x-6q14-gfau" }, { "vulnerability": "VCID-bywq-ypgf-xyae" }, { "vulnerability": "VCID-c1fx-u5yh-jucb" }, { "vulnerability": "VCID-dt65-hb25-t7ck" }, { "vulnerability": "VCID-hnaa-96w8-3uhu" }, { "vulnerability": "VCID-jew4-uq9k-93b3" }, { "vulnerability": "VCID-k36c-4eyp-p7hq" }, { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-ma9t-qst9-xbcm" }, { "vulnerability": "VCID-n34y-vynb-qbae" }, { "vulnerability": "VCID-pc43-5jvh-fbe2" }, { "vulnerability": "VCID-pkz4-5wxb-5qdc" }, { "vulnerability": "VCID-re5e-qp85-ybdd" }, { "vulnerability": "VCID-sega-433y-v7bb" }, { "vulnerability": "VCID-u1ry-xuyn-77fm" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" }, { "vulnerability": "VCID-y2ja-v9xa-k7af" }, { "vulnerability": "VCID-zh9v-egc2-ufc5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:6.1.5-3%252Bdeb10u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2019-9851" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sega-433y-v7bb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49796?format=api", "vulnerability_id": "VCID-u1ry-xuyn-77fm", "summary": "Multiple vulnerabilities have been discovered in LibreOffice, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0950.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0950.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0950", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19746", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19377", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19652", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19657", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19608", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19549", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19513", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19522", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19534", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19427", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19416", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19796", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.1952", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.196", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2255", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2255" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210186", "reference_id": "2210186", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210186" }, { "reference_url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2023-0950", "reference_id": "CVE-2023-0950", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:28:15Z/" } ], "url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2023-0950" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5415", "reference_id": "dsa-5415", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:28:15Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5415" }, { "reference_url": "https://security.gentoo.org/glsa/202311-15", "reference_id": "GLSA-202311-15", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:28:15Z/" } ], "url": "https://security.gentoo.org/glsa/202311-15" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00014.html", "reference_id": "msg00014.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:28:15Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00014.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6508", "reference_id": "RHSA-2023:6508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6933", "reference_id": "RHSA-2023:6933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6933" }, { "reference_url": "https://usn.ubuntu.com/6144-1/", "reference_id": "USN-6144-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6144-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2023-0950" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u1ry-xuyn-77fm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81205?format=api", "vulnerability_id": "VCID-y2ja-v9xa-k7af", "summary": "libreoffice: forms allowed to be submitted to any URI could result in local file overwrite", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12803.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12803.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12803", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.63957", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64102", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64092", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64105", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64015", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64043", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64003", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64054", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64071", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64083", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64069", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64039", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64074", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64085", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00459", "scoring_system": "epss", "scoring_elements": "0.64072", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12803" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848346", "reference_id": "1848346", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848346" }, { "reference_url": "https://security.archlinux.org/AVG-1184", "reference_id": "AVG-1184", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1184" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4628", "reference_id": "RHSA-2020:4628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4628" }, { "reference_url": "https://usn.ubuntu.com/5694-1/", "reference_id": "USN-5694-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5694-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2020-12803" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y2ja-v9xa-k7af" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49797?format=api", "vulnerability_id": "VCID-zh9v-egc2-ufc5", "summary": "Multiple vulnerabilities have been discovered in LibreOffice, the worst of which could lead to code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2255.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2255.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2255", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.42502", "scoring_system": "epss", "scoring_elements": "0.97474", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.42502", "scoring_system": "epss", "scoring_elements": "0.97472", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.42502", "scoring_system": "epss", "scoring_elements": "0.97471", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.49062", "scoring_system": "epss", "scoring_elements": "0.97773", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.49062", "scoring_system": "epss", "scoring_elements": "0.97775", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.49062", "scoring_system": "epss", "scoring_elements": "0.97781", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.49062", "scoring_system": "epss", "scoring_elements": "0.97783", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.50818", "scoring_system": "epss", "scoring_elements": "0.97846", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.50818", "scoring_system": "epss", "scoring_elements": "0.97853", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.50818", "scoring_system": "epss", "scoring_elements": "0.97856", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.50818", "scoring_system": "epss", "scoring_elements": "0.97858", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.50818", "scoring_system": "epss", "scoring_elements": "0.97849", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.50818", "scoring_system": "epss", "scoring_elements": "0.97845", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2255" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2255", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2255" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210185", "reference_id": "2210185", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210185" }, { "reference_url": "https://security.gentoo.org/glsa/202311-15", "reference_id": "GLSA-202311-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202311-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6508", "reference_id": "RHSA-2023:6508", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6508" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6933", "reference_id": "RHSA-2023:6933", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6933" }, { "reference_url": "https://usn.ubuntu.com/6144-1/", "reference_id": "USN-6144-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6144-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049241?format=api", "purl": "pkg:deb/debian/libreoffice@1:7.0.4-4%2Bdeb11u10", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-k6mn-jky6-wqg2" }, { "vulnerability": "VCID-kx13-c2d7-nke3" }, { "vulnerability": "VCID-u6wr-a1wv-byax" }, { "vulnerability": "VCID-w6ze-2zem-p3ev" }, { "vulnerability": "VCID-xkby-5yru-97gd" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" } ], "aliases": [ "CVE-2023-2255" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zh9v-egc2-ufc5" } ], "risk_score": "3.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libreoffice@1:7.0.4-4%252Bdeb11u10" }