Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-7788

Improper Digital Signature Invalidation vulnerability in Zip Repair Mode of The Document Foundation LibreOffice allows Signature forgery vulnerability in LibreOfficeThis issue affects LibreOffice: from 24.2 before < 24.2.5.

Published

2024-09-17T15:15:14.413

Last Modified

2024-11-21T09:52:07.257

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Secondary
CWE-347
Type: Primary
CWE-347

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	libreoffice	libreoffice	< 24.2.5	Yes

References

https://www.libreoffice.org/about-us/security/advisories/CVE-2024-7788 Vendor Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2024/10/msg00007.html (af854a3a-2127-422b-91ae-364da2661108)