How severe is CVE-2021-25631?

CVE-2021-25631 has a CVSS v3 score of 8.8 (HIGH).

CVE-2021-25631

Name: libreoffice
Author: libreoffice

8.8HIGH

In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist b

公開日: 5/3/2021更新日: 11/21/2024

説明

In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type.

AI分析AIによる分析

影響を受ける製品

libreofficelibreoffice

参照

https://positive.security/blog/url-open-rce#open-libreoffice
ExploitThird Party Advisory
https://www.libreoffice.org/about-us/security/advisories/cve-2021-25631/
Vendor Advisory
https://positive.security/blog/url-open-rce#open-libreoffice
ExploitThird Party Advisory
https://www.libreoffice.org/about-us/security/advisories/cve-2021-25631/
Vendor Advisory