CVE-2022-38745

Description

Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.

Related CPE's

a apache openoffice ********

References

https://www.openoffice.org/security/cves/CVE-2022-38745.html

Vendor Advisory

https://lists.apache.org/thread/q3noq7m681kvtb29m28x74q8cnwnzzo0

Mailing ListVendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io