CVE-2022-38745 — Vulnetix

CVE-2022-38745 PUBLISHED

Es existiert eine Schwachstelle in Apache OpenOffice und Libreoffice. Es ist möglich, dass ein leerer Eintrag zum Java-Klassenpfad hinzugefügt wird. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuführen.

EPSS 0.13% · 31.9th percentile

Risk Scores

EPSS Score

0.13%

31.9th percentile

Affected Products

Vendor	Product	Versions
Ubuntu	Ubuntu Linux
Red Hat	Red Hat Enterprise Linux
Oracle	Oracle Linux

Exploit Intelligence

https://lists.apache.org/thread/q3noq7m681kvtb29m28x74q8cnwnzzo0 (circl)
https://www.openoffice.org/security/cves/CVE-2022-38745.html (circl)

Timeline

Mar 24, 2023 CVE Published
Mar 25, 2023 EPSS Score
May 2, 2023 EPSS Score
Jun 10, 2023 EPSS Score
Jul 18, 2023 EPSS Score
Aug 25, 2023 EPSS Score
Oct 3, 2023 EPSS Score
Nov 10, 2023 EPSS Score
Dec 18, 2023 EPSS Score
Mar 4, 2024 EPSS Score
Apr 11, 2024 EPSS Score
May 20, 2024 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0760.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0760 advisory
https://www.libreoffice.org/about-us/security/advisories/cve-2022-38745/ advisory
https://www.openoffice.org/security/cves/CVE-2022-38745.html advisory
https://www.openoffice.org/security/cves/CVE-2022-47502.html advisory
https://ubuntu.com/security/notices/USN-6023-1 advisory
https://access.redhat.com/errata/RHSA-2023:6508 advisory
https://access.redhat.com/errata/RHSA-2023:6933 advisory
https://linux.oracle.com/errata/ELSA-2024-3304.html advisory
https://linux.oracle.com/errata/ELSA-2024-3835.html advisory

Open in Interactive Console →