Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-2866

Опубликовано: 27 апр. 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 5.5

Описание

Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. In the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be accepted as valid This issue affects LibreOffice: from 24.8 before < 24.8.6, from 25.2 before < 25.2.2.

РелизСтатусПримечание
devel

not-affected

4:25.2.2-0ubuntu1
esm-infra/focal

released

1:6.4.7-0ubuntu0.20.04.15
focal

released

1:6.4.7-0ubuntu0.20.04.15
jammy

released

1:7.3.7-0ubuntu0.22.04.10
noble

released

4:24.2.7-0ubuntu0.24.04.4
oracular

released

4:24.8.6-0ubuntu0.24.10.2
plucky

not-affected

4:25.2.2-0ubuntu1
upstream

released

24.8.6,4:25.2.2-1

Показывать по

Ссылки на источники

EPSS

Процентиль: 3%
0.00016
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2025-2866

CVSS3: 2.8
redhat
6 месяцев назад

Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. In the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be accepted as valid This issue affects LibreOffice: from 24.8 before < 24.8.6, from 25.2 before < 25.2.2.

nvd логотип

CVE-2025-2866

CVSS3: 5.5
nvd
6 месяцев назад

Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. In the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be accepted as valid This issue affects LibreOffice: from 24.8 before < 24.8.6, from 25.2 before < 25.2.2.

debian логотип

CVE-2025-2866

CVSS3: 5.5
debian
6 месяцев назад

Improper Verification of Cryptographic Signature vulnerability in Libr ...

github логотип

GHSA-22mj-r7hq-f9h2

CVSS3: 9.8
github
6 месяцев назад

Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. In the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be accepted as valid This issue affects LibreOffice: from 24.8 before < 24.8.6, from 25.2 before < 25.2.2.

fstec логотип

BDU:2025-05910

CVSS3: 9.8
fstec
6 месяцев назад

Уязвимость пакета офисных программ LibreOffice, связанная с некорректной проверкой криптографической подписи, позволяющая нарушителю подделывать цифровые подписи

EPSS

Процентиль: 3%
0.00016
Низкий

5.5 Medium

CVSS3