| Name | CVE-2021-25631 |
| Description | In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type. |
| Source | CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more) |
Vulnerable and fixed packages
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|
| libreoffice (PTS) | jessie, jessie (lts) | 1:4.3.3-2+deb8u15 | fixed |
| stretch (security) | 1:5.2.7-1+deb9u11 | fixed |
| stretch (lts), stretch | 1:6.1.5-3~deb9u2 | fixed |
| buster | 1:6.1.5-3+deb10u7 | fixed |
| buster (security) | 1:6.1.5-3+deb10u11 | fixed |
| bullseye | 1:7.0.4-4+deb11u8 | fixed |
| bullseye (security) | 1:7.0.4-4+deb11u9 | fixed |
| bookworm | 4:7.4.7-1+deb12u1 | fixed |
| bookworm (security) | 4:7.4.7-1+deb12u2 | fixed |
| sid, trixie | 4:24.2.3-1 | fixed |
The information below is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|
| libreoffice | source | (unstable) | (not affected) | | | |
Notes
- libreoffice <not-affected> (Libreoffice on Windows)
https://positive.security/blog/url-open-rce#open-libreoffice