CVE-2021-25631 — Incomplete List of Disallowed Inputs in Document Foundation Libreoffice

CWE-184 — Incomplete List of Disallowed Inputs4 documents4 sources

Severity

8.8HIGHNVD

EPSS

1.7%

top 17.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

THE Document Foundation Libreoffice Libreoffice

Timeline

PublishedMay 3

Latest updateMay 24

Description

In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶NVDlibreoffice/libreoffice7.0.0 — 7.0.5+1

▶CVEListV5the_document_foundation/libreoffice7.1 — 7.1.2+1

🔴Vulnerability Details

GHSA

GHSA-8xj5-7228-hcfg: In the LibreOffice 7-1 series in versions prior to 7↗2022-05-24

▶

CVEList

denylist of executable filename extensions possible to bypass under windows↗2021-05-03

▶

📋Vendor Advisories

Debian

CVE-2021-25631: libreoffice - In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series ...↗2021

▶