CVE-2021-25635

Medium CVSS: 5.2

An Improper Certificate Validation vulnerability in LibreOffice allowed
an attacker to self sign an ODF document, with a signature untrusted by
the target, then modify it to change the signature algorithm to an
invalid (or unknown to LibreOffice) algorithm and LibreOffice would incorrectly present such a signature with an unknown algorithm as a
valid signature issued by a trusted person

This issue affects LibreOffice: from 7.0 before 7.0.5, from 7.1 before 7.1.1.

Vendor

Libreoffice

Product

Libreoffice

CWE

CWE-295

Yayın Tarihi

2025-03-21 15:15:35

Güncelleme

2025-12-10 19:18:58

Source Identifier

security@documentfoundation.org

KEV Date Added

Kategoriler

CWE-295 Libreoffice MEDIUM Libreoffice 2025

Referanslar

https://www.libreoffice.org/about-us/security/advisories/cve-2021-25635/

Benzer Kayıtlar

Low

CVE-2025-14714

An Authentication Bypass vulnerability existed where the application bundled an interpreter (Python) that inherits the T…

Low

CVE-2025-2866

Improper Verification of Cryptographic Signature vulnerability in LibreOffice allows PDF Signature Spoofing by Improper…

High

CVE-2025-1080

LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An addit…

High

CVE-2025-0514

Improper Input Validation vulnerability in The Document Foundation LibreOffice allows Windows Executable hyperlink targ…

Medium

CVE-2024-12426

Exposure of Environmental Variables and arbitrary INI file values to an Unauthorized Actor vulnerability in The Document…

Low

CVE-2024-12425

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The Document Foundation…