Описание
Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. In the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be accepted as valid This issue affects LibreOffice: from 24.8 before < 24.8.6, from 25.2 before < 25.2.2.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 4:25.2.2-0ubuntu1 |
| esm-infra/focal | not-affected | 1:6.4.7-0ubuntu0.20.04.15 |
| focal | released | 1:6.4.7-0ubuntu0.20.04.15 |
| jammy | released | 1:7.3.7-0ubuntu0.22.04.10 |
| noble | released | 4:24.2.7-0ubuntu0.24.04.4 |
| oracular | released | 4:24.8.6-0ubuntu0.24.10.2 |
| plucky | not-affected | 4:25.2.2-0ubuntu1 |
| upstream | released | 24.8.6,4:25.2.2-1 |
Показывать по
5.5 Medium
CVSS3
Связанные уязвимости
Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. In the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be accepted as valid This issue affects LibreOffice: from 24.8 before < 24.8.6, from 25.2 before < 25.2.2.
Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. In the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be accepted as valid This issue affects LibreOffice: from 24.8 before < 24.8.6, from 25.2 before < 25.2.2.
Improper Verification of Cryptographic Signature vulnerability in Libr ...
Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper Validation. In the affected versions of LibreOffice a flaw in the verification code for adbe.pkcs7.sha1 signatures could cause invalid signatures to be accepted as valid This issue affects LibreOffice: from 24.8 before < 24.8.6, from 25.2 before < 25.2.2.
Уязвимость пакета офисных программ LibreOffice, связанная с некорректной проверкой криптографической подписи, позволяющая нарушителю подделывать цифровые подписи
5.5 Medium
CVSS3