Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2025:2868

Опубликовано: 07 мая 2025
Источник: rocky
Оценка: Important

Описание

Important: libreoffice security update

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.

Security Fix(es):

  • libreoffice: Macro URL arbitrary script execution (CVE-2025-1080)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
autocorr-afnoarch19.el8_10autocorr-af-6.4.7.2-19.el8_10.noarch.rpm
autocorr-bgnoarch19.el8_10autocorr-bg-6.4.7.2-19.el8_10.noarch.rpm
autocorr-canoarch19.el8_10autocorr-ca-6.4.7.2-19.el8_10.noarch.rpm
autocorr-csnoarch19.el8_10autocorr-cs-6.4.7.2-19.el8_10.noarch.rpm
autocorr-danoarch19.el8_10autocorr-da-6.4.7.2-19.el8_10.noarch.rpm
autocorr-denoarch19.el8_10autocorr-de-6.4.7.2-19.el8_10.noarch.rpm
autocorr-ennoarch19.el8_10autocorr-en-6.4.7.2-19.el8_10.noarch.rpm
autocorr-esnoarch19.el8_10autocorr-es-6.4.7.2-19.el8_10.noarch.rpm
autocorr-fanoarch19.el8_10autocorr-fa-6.4.7.2-19.el8_10.noarch.rpm
autocorr-finoarch19.el8_10autocorr-fi-6.4.7.2-19.el8_10.noarch.rpm

Показывать по

Связанные CVE

CVE-2025-1080

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2025-1080

ubuntu
4 месяца назад

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice a link in a browser using that scheme could be constructed with an embedded inner URL that when passed to LibreOffice could call internal macros with arbitrary arguments. This issue affects LibreOffice: from 24.8 before < 24.8.5, from 25.2 before < 25.2.1.

redhat логотип

CVE-2025-1080

CVSS3: 7.6
redhat
4 месяца назад

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice a link in a browser using that scheme could be constructed with an embedded inner URL that when passed to LibreOffice could call internal macros with arbitrary arguments. This issue affects LibreOffice: from 24.8 before < 24.8.5, from 25.2 before < 25.2.1.

nvd логотип

CVE-2025-1080

nvd
4 месяца назад

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice a link in a browser using that scheme could be constructed with an embedded inner URL that when passed to LibreOffice could call internal macros with arbitrary arguments. This issue affects LibreOffice: from 24.8 before < 24.8.5, from 25.2 before < 25.2.1.

debian логотип

CVE-2025-1080

debian
4 месяца назад

LibreOffice supports Office URI Schemes to enable browser integration ...

github логотип

GHSA-gcgr-r4x5-w79r

github
4 месяца назад

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice a link in a browser using that scheme could be constructed with an embedded inner URL that when passed to LibreOffice could call internal macros with arbitrary arguments. This issue affects LibreOffice: from 24.8 before < 24.8.5, from 25.2 before < 25.2.1.