CVE-2021-25635

EUVD-2021-12531
An Improper Certificate Validation vulnerability in LibreOffice allowed 
an attacker to self sign an ODF document, with a signature untrusted by 
the target, then modify it to change the signature algorithm to an 
invalid (or unknown to LibreOffice) algorithm and LibreOffice would incorrectly present such a signature with an unknown algorithm as a 
valid signature issued by a trusted person


This issue affects LibreOffice: from 7.0 before 7.0.5, from 7.1 before 7.1.1.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
Affected Products (NVD)
VendorProductVersion
libreofficelibreoffice
7.0.0 ≤
𝑥
< 7.0.5.1
libreofficelibreoffice
7.1.0.0 ≤
𝑥
≤ 7.1.1.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libreoffice
bookworm
4:7.4.7-1+deb12u4
fixed
bookworm (security)
4:7.4.7-1+deb12u5
fixed
bullseye
1:7.0.4-4+deb11u10
fixed
bullseye (security)
1:7.0.4-4+deb11u11
fixed
sid
4:24.8.2-2
fixed
trixie
4:24.8.2-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libreoffice
bionic
not-affected
focal
not-affected
hirsute
not-affected
impish
not-affected
jammy
not-affected
trusty
ignored
xenial
ignored
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
autocorr-af
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-bg
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-ca
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-cs
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-da
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-de
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-en
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-es
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-fa
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-fi
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-fr
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-ga
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-hr
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-hu
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-is
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-it
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-ja
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-ko
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-lb
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-lt
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-mn
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-nl
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-pl
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-pt
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-ro
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-ru
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-sk
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-sl
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-sr
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-sv
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-tr
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-vi
RHEL 8
1:6.4.7.2-10.el8
fixed
autocorr-zh
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-base
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-calc
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-core
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-data
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-draw
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-emailmerge
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-filters
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-gdb-debug-support
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-graphicfilter
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-gtk3
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-ar
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-bg
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-bn
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-ca
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-cs
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-da
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-de
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-dz
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-el
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-en
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-es
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-et
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-eu
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-fi
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-fr
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-gl
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-gu
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-he
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-hi
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-hr
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-hu
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-id
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-it
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-ja
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-ko
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-lt
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-lv
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-nb
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-nl
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-nn
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-pl
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-pt-BR
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-pt-PT
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-ro
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-ru
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-si
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-sk
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-sl
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-sv
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-ta
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-tr
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-uk
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-zh-Hans
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-help-zh-Hant
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-impress
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-af
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-ar
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-as
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-bg
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-bn
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-br
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-ca
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-cs
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-cy
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-da
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-de
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-dz
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-el
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-en
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-es
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-et
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-eu
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-fa
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-fi
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-fr
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-ga
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-gl
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-gu
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-he
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-hi
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-hr
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-hu
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-id
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-it
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-ja
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-kk
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-kn
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-ko
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-lt
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-lv
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-mai
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-ml
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-mr
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-nb
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-nl
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-nn
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-nr
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-nso
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-or
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-pa
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-pl
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-pt-BR
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-pt-PT
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-ro
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-ru
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-si
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-sk
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-sl
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-sr
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-ss
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-st
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-sv
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-ta
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-te
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-th
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-tn
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-tr
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-ts
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-uk
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-ve
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-xh
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-zh-Hans
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-zh-Hant
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-langpack-zu
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-math
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-ogltrans
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-opensymbol-fonts
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-pdfimport
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-pyuno
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-sdk
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-sdk-doc
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-ure
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-ure-common
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-wiki-publisher
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-writer
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-x11
RHEL 8
1:6.4.7.2-10.el8
fixed
libreoffice-xsltfilter
RHEL 8
1:6.4.7.2-10.el8
fixed
libreofficekit
RHEL 8
1:6.4.7.2-10.el8
fixed
Common Weakness Enumeration
References
https://www.libreoffice.org/about-us/security/advisories/cve-2021-25635/