CVE-2024-6472

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-6472
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-6472.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-6472
Related
Published
2024-08-05T13:15:47Z
Modified
2024-09-18T03:26:40.964684Z
Downstream
Summary
[none]
Details

Certificate Validation user interface in LibreOffice allows potential vulnerability.

Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. When a document with a signed macro is opened a warning is displayed by LibreOffice before the macro is executed.

Previously if verification failed the user could fail to understand the failure and choose to enable the macros anyway.

This issue affects LibreOffice: from 24.2 before 24.2.5.

References

Affected packages

Debian:11 / libreoffice

Package

Name
libreoffice
Purl
pkg:deb/debian/libreoffice?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:7.0.4-4+deb11u10

Affected versions

1:7.*

1:7.0.4-4
1:7.0.4-4+deb11u1~bpo10+1
1:7.0.4-4+deb11u1
1:7.0.4-4+deb11u2
1:7.0.4-4+deb11u3~bpo10+1
1:7.0.4-4+deb11u3
1:7.0.4-4+deb11u4~bpo10+1
1:7.0.4-4+deb11u4
1:7.0.4-4+deb11u5
1:7.0.4-4+deb11u6
1:7.0.4-4+deb11u7
1:7.0.4-4+deb11u8
1:7.0.4-4+deb11u9

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / libreoffice

Package

Name
libreoffice
Purl
pkg:deb/debian/libreoffice?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4:7.4.7-1+deb12u4

Affected versions

4:7.*

4:7.4.5-3
4:7.4.7-1~bpo11+1
4:7.4.7-1
4:7.4.7-1+deb12u1~bpo11+1
4:7.4.7-1+deb12u1
4:7.4.7-1+deb12u2~bpo11+1
4:7.4.7-1+deb12u2
4:7.4.7-1+deb12u3

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / libreoffice

Package

Name
libreoffice
Purl
pkg:deb/debian/libreoffice?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4:24.2.5-1

Affected versions

4:7.*

4:7.4.5-3
4:7.4.7-1~bpo11+1
4:7.4.7-1
4:7.5.0~rc2-7
4:7.5.0~rc3-1
4:7.5.1~rc1-1
4:7.5.1~rc2-1
4:7.5.2~rc1-1
4:7.5.2~rc2-1
4:7.5.3~rc1-1
4:7.5.3~rc2-1
4:7.5.4~rc1-1
4:7.5.4~rc1-2
4:7.5.4~rc1-3
4:7.5.4~rc1-4
4:7.5.4~rc2-1
4:7.5.4-1
4:7.5.4-2
4:7.5.4-3
4:7.5.4-4
4:7.5.5~rc1-1
4:7.5.5~rc1-2
4:7.5.5~rc1-3
4:7.5.5~rc1-4
4:7.5.5~rc1-5
4:7.5.5~rc2-1
4:7.5.5-1
4:7.5.5-2
4:7.5.5-3~bpo12+1
4:7.5.5-3
4:7.5.5-4~bpo12+1
4:7.5.5-4
4:7.5.6-1~bpo12+1
4:7.5.6-1
4:7.5.7-1
4:7.5.8~rc1-1
4:7.5.8~rc1-2
4:7.5.8-1~bpo12+1
4:7.5.8-1
4:7.5.9~rc1-1~bpo12+1
4:7.5.9~rc1-1~bpo12+2
4:7.5.9~rc1-1
4:7.6.0~rc1-1
4:7.6.0~rc1-2
4:7.6.0~rc2-1
4:7.6.0~rc2-2
4:7.6.0~rc3-1
4:7.6.1~rc1-1
4:7.6.1~rc2-1
4:7.6.1~rc2-2
4:7.6.2-1
4:7.6.2-2
4:7.6.2-3
4:7.6.2-4
4:7.6.2-5
4:7.6.3~rc1-1
4:7.6.3~rc1-2
4:7.6.3~rc2-1
4:7.6.3~rc2-2
4:7.6.3-1
4:7.6.3-2
4:7.6.4~rc1-1~bpo12+1
4:7.6.4~rc1-1

4:24.*

4:24.2.0~alpha1-1
4:24.2.0~beta1-1
4:24.2.0~rc1-1
4:24.2.0~rc1-2
4:24.2.0~rc2-1
4:24.2.0~rc2-2~bpo12+1
4:24.2.0~rc2-2
4:24.2.0-1~bpo12+1
4:24.2.0-1
4:24.2.0-2
4:24.2.0-3
4:24.2.1~rc1-1
4:24.2.1~rc2-1
4:24.2.1-1
4:24.2.1-2
4:24.2.1-3
4:24.2.1-4
4:24.2.2~rc1-1
4:24.2.2~rc1-2
4:24.2.2~rc2-1
4:24.2.2~rc2-2
4:24.2.2-1
4:24.2.2-2
4:24.2.2-3
4:24.2.3~rc1-1
4:24.2.3~rc1-2
4:24.2.3~rc1-3
4:24.2.3~rc2-1
4:24.2.3-1~bpo12+1
4:24.2.3-1
4:24.2.3-2
4:24.2.4-1~bpo12+1
4:24.2.4-1
4:24.2.5-1~bpo12+1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}