Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Workstation Extension 15 SP4 package libreoffice, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (8)
CVE-2022-26307 — CVSS 8.8 (high): LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are…
CVE-2023-6185 — CVSS 8.3 (high): Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute…
CVE-2023-6186 — CVSS 8.3 (high): Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without…
CVE-2023-0950 — CVSS 7.8 (high): Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to…
CVE-2022-26305 — CVSS 7.5 (high): An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was…
CVE-2022-3140 — CVSS 6.3 (medium): LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme…
CVE-2023-2255 — CVSS 5.3 (medium): Improper access control in editor components of The Document Foundation LibreOffice allowed an attacker to craft a document that would…
CVE-2023-1183 — CVSS 5.0 (medium): A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where…