CVE-2022-38745
HIGH7.8EPSS 0.13%libreoffice - security update
發布日:2023/3/24修改日:2026/4/28
描述
Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.
受影響套件(2)
- Debian/libreofficefrom 0, < 1:7.0.4-4+deb11u6
- Debian/libreofficefrom 0, < 1:6.1.5-3+deb10u10
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.8 | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |