| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-12803 | 4.3 |
ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which
|
31-12-2023 - 14:15 | 08-06-2020 - 16:15 | |
| CVE-2018-10583 | 5.0 |
An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg with
|
21-10-2020 - 13:15 | 01-05-2018 - 16:29 | |
| CVE-2019-9854 | 6.8 |
LibreOffice has a feature where documents can specify that pre-installed macros can be executed on various script events such as mouse-over, document-open etc. Access is intended to be restricted to scripts under the share/Scripts/python, user/Script
|
24-08-2020 - 17:37 | 06-09-2019 - 19:15 | |
| CVE-2018-16858 | 7.5 |
It was found that libreoffice before versions 6.0.7 and 6.1.3 was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craft a document, which when opened by LibreOffice
|
06-08-2019 - 17:15 | 25-03-2019 - 18:29 |