CVE-2023-6185

Опубликовано: 11 дек. 2023

Источник: ubuntu

Приоритет: medium

CVSS3: 8.3

Описание

Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary GStreamer plugins. In affected versions the filename of the embedded video is not sufficiently escaped when passed to GStreamer enabling an attacker to run arbitrary gstreamer plugins depending on what plugins are installed on the target system.

Релиз	Статус	Примечание
bionic	ignored	end of standard support
devel	released	4:7.6.4-0ubuntu1
esm-infra/focal	released	1:6.4.7-0ubuntu0.20.04.9
focal	released	1:6.4.7-0ubuntu0.20.04.9
jammy	released	1:7.3.7-0ubuntu0.22.04.4
lunar	released	4:7.5.9-0ubuntu0.23.04.1
mantic	released	4:7.6.4-0ubuntu0.23.10.1
trusty	ignored	end of standard support
upstream	released	7.5.9,7.6.3
xenial	ignored	end of standard support

Показывать по

Ссылки на источники

8.3 High

CVSS3

Связанные уязвимости

CVE-2023-6185

CVSS3: 8.3

redhat

около 2 лет назад

CVE-2023-6185

CVSS3: 8.3

nvd

около 2 лет назад

CVE-2023-6185

CVSS3: 8.3

debian

около 2 лет назад

Improper Input Validation vulnerability in GStreamer integration of Th ...

GHSA-58qf-gq3r-xwgx

CVSS3: 8.3

github

около 2 лет назад

ELSA-2024-3304

oracle-oval

больше 1 года назад

ELSA-2024-3304: libreoffice security fix update (IMPORTANT)

8.3 High

CVSS3

CVE-2023-6185

Описание

Пакет libreoffice

Ссылки на источники

Связанные уязвимости