Improper Digital Signature Invalidation vulnerability in... · CVE-2024-7788 · GitHub Advisory Database · GitHub

Improper Digital Signature Invalidation vulnerability in...

High severity Unreviewed Published Sep 17, 2024 to the GitHub Advisory Database • Updated Sep 17, 2024

Package

No package listed— Suggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before < 24.2.5.

References

Published by the National Vulnerability Database

Sep 17, 2024

Published to the GitHub Advisory Database Sep 17, 2024

Last updated Sep 17, 2024

Severity

High

/ 10

CVSS v3 base metrics

Attack vector

Local

Attack complexity

Low

Privileges required

None

User interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H