{"url":"http://public2.vulnerablecode.io/api/packages/95895?format=json","purl":"pkg:rpm/redhat/libreoffice@1:6.4.7.2-15?arch=el8","type":"rpm","namespace":"redhat","name":"libreoffice","version":"1:6.4.7.2-15","qualifiers":{"arch":"el8"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78335?format=json","vulnerability_id":"VCID-e7dq-77gj-1fc2","summary":"libreoffice: Arbitrary file write","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1183.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1183.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1183","reference_id":"","reference_type":"","scores":[{"value":"0.06891","scoring_system":"epss","scoring_elements":"0.91338","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06891","scoring_system":"epss","scoring_elements":"0.91348","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06891","scoring_system":"epss","scoring_elements":"0.91356","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06891","scoring_system":"epss","scoring_elements":"0.91368","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06891","scoring_system":"epss","scoring_elements":"0.91375","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06891","scoring_system":"epss","scoring_elements":"0.91382","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06891","scoring_system":"epss","scoring_elements":"0.91385","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06891","scoring_system":"epss","scoring_elements":"0.91384","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06891","scoring_system":"epss","scoring_elements":"0.91409","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06891","scoring_system":"epss","scoring_elements":"0.91407","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06891","scoring_system":"epss","scoring_elements":"0.91419","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06891","scoring_system":"epss","scoring_elements":"0.91417","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06891","scoring_system":"epss","scoring_elements":"0.91416","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06891","scoring_system":"epss","scoring_elements":"0.91431","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1183"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1183","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1183"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2208506","reference_id":"2208506","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2208506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6508","reference_id":"RHSA-2023:6508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6933","reference_id":"RHSA-2023:6933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6933"}],"fixed_packages":[],"aliases":["CVE-2023-1183"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e7dq-77gj-1fc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78551?format=json","vulnerability_id":"VCID-jew4-uq9k-93b3","summary":"libreoffice: Empty entry in Java class path","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38745.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38745.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38745","reference_id":"","reference_type":"","scores":[{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.289","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28851","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28813","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28773","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28707","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31739","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32267","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32092","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31968","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31886","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32349","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32311","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32283","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.3232","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32296","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38745"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182044","reference_id":"2182044","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182044"},{"reference_url":"https://www.openoffice.org/security/cves/CVE-2022-38745.html","reference_id":"CVE-2022-38745.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-13T14:37:34Z/"}],"url":"https://www.openoffice.org/security/cves/CVE-2022-38745.html"},{"reference_url":"https://lists.apache.org/thread/q3noq7m681kvtb29m28x74q8cnwnzzo0","reference_id":"q3noq7m681kvtb29m28x74q8cnwnzzo0","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-13T14:37:34Z/"}],"url":"https://lists.apache.org/thread/q3noq7m681kvtb29m28x74q8cnwnzzo0"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6508","reference_id":"RHSA-2023:6508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6933","reference_id":"RHSA-2023:6933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6933"},{"reference_url":"https://usn.ubuntu.com/6023-1/","reference_id":"USN-6023-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6023-1/"}],"fixed_packages":[],"aliases":["CVE-2022-38745"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jew4-uq9k-93b3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49796?format=json","vulnerability_id":"VCID-u1ry-xuyn-77fm","summary":"Multiple vulnerabilities have been discovered in LibreOffice, the worst of which could lead to code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0950.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0950.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0950","reference_id":"","reference_type":"","scores":[{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19746","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19268","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19657","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19608","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19549","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19513","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19522","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19534","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19427","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19416","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19377","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19796","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.1952","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.196","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19652","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2255","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2255"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2210186","reference_id":"2210186","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2210186"},{"reference_url":"https://www.libreoffice.org/about-us/security/advisories/CVE-2023-0950","reference_id":"CVE-2023-0950","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:28:15Z/"}],"url":"https://www.libreoffice.org/about-us/security/advisories/CVE-2023-0950"},{"reference_url":"https://www.debian.org/security/2023/dsa-5415","reference_id":"dsa-5415","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:28:15Z/"}],"url":"https://www.debian.org/security/2023/dsa-5415"},{"reference_url":"https://security.gentoo.org/glsa/202311-15","reference_id":"GLSA-202311-15","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:28:15Z/"}],"url":"https://security.gentoo.org/glsa/202311-15"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00014.html","reference_id":"msg00014.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:28:15Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00014.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6508","reference_id":"RHSA-2023:6508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6933","reference_id":"RHSA-2023:6933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6933"},{"reference_url":"https://usn.ubuntu.com/6144-1/","reference_id":"USN-6144-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6144-1/"}],"fixed_packages":[],"aliases":["CVE-2023-0950"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u1ry-xuyn-77fm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49797?format=json","vulnerability_id":"VCID-zh9v-egc2-ufc5","summary":"Multiple vulnerabilities have been discovered in LibreOffice, the worst of which could lead to code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2255.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2255.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2255","reference_id":"","reference_type":"","scores":[{"value":"0.42502","scoring_system":"epss","scoring_elements":"0.97478","published_at":"2026-05-05T12:55:00Z"},{"value":"0.42502","scoring_system":"epss","scoring_elements":"0.97472","published_at":"2026-04-26T12:55:00Z"},{"value":"0.42502","scoring_system":"epss","scoring_elements":"0.97471","published_at":"2026-04-24T12:55:00Z"},{"value":"0.42502","scoring_system":"epss","scoring_elements":"0.97474","published_at":"2026-04-29T12:55:00Z"},{"value":"0.49062","scoring_system":"epss","scoring_elements":"0.97775","published_at":"2026-04-13T12:55:00Z"},{"value":"0.49062","scoring_system":"epss","scoring_elements":"0.97781","published_at":"2026-04-16T12:55:00Z"},{"value":"0.49062","scoring_system":"epss","scoring_elements":"0.97783","published_at":"2026-04-18T12:55:00Z"},{"value":"0.49062","scoring_system":"epss","scoring_elements":"0.97773","published_at":"2026-04-12T12:55:00Z"},{"value":"0.50818","scoring_system":"epss","scoring_elements":"0.97849","published_at":"2026-04-07T12:55:00Z"},{"value":"0.50818","scoring_system":"epss","scoring_elements":"0.97856","published_at":"2026-04-09T12:55:00Z"},{"value":"0.50818","scoring_system":"epss","scoring_elements":"0.97858","published_at":"2026-04-11T12:55:00Z"},{"value":"0.50818","scoring_system":"epss","scoring_elements":"0.97853","published_at":"2026-04-08T12:55:00Z"},{"value":"0.50818","scoring_system":"epss","scoring_elements":"0.97845","published_at":"2026-04-02T12:55:00Z"},{"value":"0.50818","scoring_system":"epss","scoring_elements":"0.97846","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2255"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2255","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2255"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2210185","reference_id":"2210185","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2210185"},{"reference_url":"https://security.gentoo.org/glsa/202311-15","reference_id":"GLSA-202311-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202311-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6508","reference_id":"RHSA-2023:6508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6933","reference_id":"RHSA-2023:6933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6933"},{"reference_url":"https://usn.ubuntu.com/6144-1/","reference_id":"USN-6144-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6144-1/"}],"fixed_packages":[],"aliases":["CVE-2023-2255"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zh9v-egc2-ufc5"}],"fixing_vulnerabilities":[],"risk_score":"3.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libreoffice@1:6.4.7.2-15%3Farch=el8"}