How severe is CVE-2021-25631?

CVE-2021-25631 has a CVSS v3 score of 8.8 (HIGH).

CVE-2021-25631

Name: libreoffice
Author: libreoffice

8.8HIGH

In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist b

Veröffentlicht: 5/3/2021Aktualisiert: 11/21/2024

Beschreibung

In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type.

KI-AnalyseKI-gestützt

Betroffene Produkte

libreofficelibreoffice

Referenzen

https://positive.security/blog/url-open-rce#open-libreoffice
ExploitThird Party Advisory
https://www.libreoffice.org/about-us/security/advisories/cve-2021-25631/
Vendor Advisory
https://positive.security/blog/url-open-rce#open-libreoffice
ExploitThird Party Advisory
https://www.libreoffice.org/about-us/security/advisories/cve-2021-25631/
Vendor Advisory