Unrated severityNVD Advisory· Published Oct 11, 2021· Updated Sep 16, 2024

Content Manipulation with Double Certificate Attack

CVE-2021-25633

Description

LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to combine multiple certificate data, which when opened caused LibreOffice to display a validly signed indicator but whose content was unrelated to the signature shown. This issue affects: The Document Foundation LibreOffice 7-0 versions prior to 7.0.6; 7-1 versions prior to 7.1.2.

Affected products

172

osv-coords171 versions
pkg:rpm/almalinux/autocorr-af pkg:rpm/almalinux/autocorr-bg pkg:rpm/almalinux/autocorr-ca pkg:rpm/almalinux/autocorr-cs pkg:rpm/almalinux/autocorr-da pkg:rpm/almalinux/autocorr-de pkg:rpm/almalinux/autocorr-en pkg:rpm/almalinux/autocorr-es pkg:rpm/almalinux/autocorr-fa pkg:rpm/almalinux/autocorr-fi pkg:rpm/almalinux/autocorr-fr pkg:rpm/almalinux/autocorr-ga pkg:rpm/almalinux/autocorr-hr pkg:rpm/almalinux/autocorr-hu pkg:rpm/almalinux/autocorr-is pkg:rpm/almalinux/autocorr-it pkg:rpm/almalinux/autocorr-ja pkg:rpm/almalinux/autocorr-ko pkg:rpm/almalinux/autocorr-lb pkg:rpm/almalinux/autocorr-lt pkg:rpm/almalinux/autocorr-mn pkg:rpm/almalinux/autocorr-nl pkg:rpm/almalinux/autocorr-pl pkg:rpm/almalinux/autocorr-pt pkg:rpm/almalinux/autocorr-ro pkg:rpm/almalinux/autocorr-ru pkg:rpm/almalinux/autocorr-sk pkg:rpm/almalinux/autocorr-sl pkg:rpm/almalinux/autocorr-sr pkg:rpm/almalinux/autocorr-sv pkg:rpm/almalinux/autocorr-tr pkg:rpm/almalinux/autocorr-vi pkg:rpm/almalinux/autocorr-zh pkg:rpm/almalinux/libreoffice-base pkg:rpm/almalinux/libreoffice-calc pkg:rpm/almalinux/libreoffice-core pkg:rpm/almalinux/libreoffice-data pkg:rpm/almalinux/libreoffice-draw pkg:rpm/almalinux/libreoffice-emailmerge pkg:rpm/almalinux/libreoffice-filters pkg:rpm/almalinux/libreoffice-gdb-debug-support pkg:rpm/almalinux/libreoffice-graphicfilter pkg:rpm/almalinux/libreoffice-gtk3 pkg:rpm/almalinux/libreoffice-help-ar pkg:rpm/almalinux/libreoffice-help-bg pkg:rpm/almalinux/libreoffice-help-bn pkg:rpm/almalinux/libreoffice-help-ca pkg:rpm/almalinux/libreoffice-help-cs pkg:rpm/almalinux/libreoffice-help-da pkg:rpm/almalinux/libreoffice-help-de pkg:rpm/almalinux/libreoffice-help-dz pkg:rpm/almalinux/libreoffice-help-el pkg:rpm/almalinux/libreoffice-help-en pkg:rpm/almalinux/libreoffice-help-es pkg:rpm/almalinux/libreoffice-help-et pkg:rpm/almalinux/libreoffice-help-eu pkg:rpm/almalinux/libreoffice-help-fi pkg:rpm/almalinux/libreoffice-help-fr pkg:rpm/almalinux/libreoffice-help-gl pkg:rpm/almalinux/libreoffice-help-gu pkg:rpm/almalinux/libreoffice-help-he pkg:rpm/almalinux/libreoffice-help-hi pkg:rpm/almalinux/libreoffice-help-hr pkg:rpm/almalinux/libreoffice-help-hu pkg:rpm/almalinux/libreoffice-help-id pkg:rpm/almalinux/libreoffice-help-it pkg:rpm/almalinux/libreoffice-help-ja pkg:rpm/almalinux/libreoffice-help-ko pkg:rpm/almalinux/libreoffice-help-lt pkg:rpm/almalinux/libreoffice-help-lv pkg:rpm/almalinux/libreoffice-help-nb pkg:rpm/almalinux/libreoffice-help-nl pkg:rpm/almalinux/libreoffice-help-nn pkg:rpm/almalinux/libreoffice-help-pl pkg:rpm/almalinux/libreoffice-help-pt-BR pkg:rpm/almalinux/libreoffice-help-pt-PT pkg:rpm/almalinux/libreoffice-help-ro pkg:rpm/almalinux/libreoffice-help-ru pkg:rpm/almalinux/libreoffice-help-si pkg:rpm/almalinux/libreoffice-help-sk pkg:rpm/almalinux/libreoffice-help-sl pkg:rpm/almalinux/libreoffice-help-sv pkg:rpm/almalinux/libreoffice-help-ta pkg:rpm/almalinux/libreoffice-help-tr pkg:rpm/almalinux/libreoffice-help-uk pkg:rpm/almalinux/libreoffice-help-zh-Hans pkg:rpm/almalinux/libreoffice-help-zh-Hant pkg:rpm/almalinux/libreoffice-impress pkg:rpm/almalinux/libreofficekit pkg:rpm/almalinux/libreoffice-langpack-af pkg:rpm/almalinux/libreoffice-langpack-ar pkg:rpm/almalinux/libreoffice-langpack-as pkg:rpm/almalinux/libreoffice-langpack-bg pkg:rpm/almalinux/libreoffice-langpack-bn pkg:rpm/almalinux/libreoffice-langpack-br pkg:rpm/almalinux/libreoffice-langpack-ca pkg:rpm/almalinux/libreoffice-langpack-cs pkg:rpm/almalinux/libreoffice-langpack-cy pkg:rpm/almalinux/libreoffice-langpack-da pkg:rpm/almalinux/libreoffice-langpack-de pkg:rpm/almalinux/libreoffice-langpack-dz pkg:rpm/almalinux/libreoffice-langpack-el pkg:rpm/almalinux/libreoffice-langpack-en pkg:rpm/almalinux/libreoffice-langpack-es pkg:rpm/almalinux/libreoffice-langpack-et pkg:rpm/almalinux/libreoffice-langpack-eu pkg:rpm/almalinux/libreoffice-langpack-fa pkg:rpm/almalinux/libreoffice-langpack-fi pkg:rpm/almalinux/libreoffice-langpack-fr pkg:rpm/almalinux/libreoffice-langpack-ga pkg:rpm/almalinux/libreoffice-langpack-gl pkg:rpm/almalinux/libreoffice-langpack-gu pkg:rpm/almalinux/libreoffice-langpack-he pkg:rpm/almalinux/libreoffice-langpack-hi pkg:rpm/almalinux/libreoffice-langpack-hr pkg:rpm/almalinux/libreoffice-langpack-hu pkg:rpm/almalinux/libreoffice-langpack-id pkg:rpm/almalinux/libreoffice-langpack-it pkg:rpm/almalinux/libreoffice-langpack-ja pkg:rpm/almalinux/libreoffice-langpack-kk pkg:rpm/almalinux/libreoffice-langpack-kn pkg:rpm/almalinux/libreoffice-langpack-ko pkg:rpm/almalinux/libreoffice-langpack-lt pkg:rpm/almalinux/libreoffice-langpack-lv pkg:rpm/almalinux/libreoffice-langpack-mai pkg:rpm/almalinux/libreoffice-langpack-ml pkg:rpm/almalinux/libreoffice-langpack-mr pkg:rpm/almalinux/libreoffice-langpack-nb pkg:rpm/almalinux/libreoffice-langpack-nl pkg:rpm/almalinux/libreoffice-langpack-nn pkg:rpm/almalinux/libreoffice-langpack-nr pkg:rpm/almalinux/libreoffice-langpack-nso pkg:rpm/almalinux/libreoffice-langpack-or pkg:rpm/almalinux/libreoffice-langpack-pa pkg:rpm/almalinux/libreoffice-langpack-pl pkg:rpm/almalinux/libreoffice-langpack-pt-BR pkg:rpm/almalinux/libreoffice-langpack-pt-PT pkg:rpm/almalinux/libreoffice-langpack-ro pkg:rpm/almalinux/libreoffice-langpack-ru pkg:rpm/almalinux/libreoffice-langpack-si pkg:rpm/almalinux/libreoffice-langpack-sk pkg:rpm/almalinux/libreoffice-langpack-sl pkg:rpm/almalinux/libreoffice-langpack-sr pkg:rpm/almalinux/libreoffice-langpack-ss pkg:rpm/almalinux/libreoffice-langpack-st pkg:rpm/almalinux/libreoffice-langpack-sv pkg:rpm/almalinux/libreoffice-langpack-ta pkg:rpm/almalinux/libreoffice-langpack-te pkg:rpm/almalinux/libreoffice-langpack-th pkg:rpm/almalinux/libreoffice-langpack-tn pkg:rpm/almalinux/libreoffice-langpack-tr pkg:rpm/almalinux/libreoffice-langpack-ts pkg:rpm/almalinux/libreoffice-langpack-uk pkg:rpm/almalinux/libreoffice-langpack-ve pkg:rpm/almalinux/libreoffice-langpack-xh pkg:rpm/almalinux/libreoffice-langpack-zh-Hans pkg:rpm/almalinux/libreoffice-langpack-zh-Hant pkg:rpm/almalinux/libreoffice-langpack-zu pkg:rpm/almalinux/libreoffice-math pkg:rpm/almalinux/libreoffice-ogltrans pkg:rpm/almalinux/libreoffice-opensymbol-fonts pkg:rpm/almalinux/libreoffice-pdfimport pkg:rpm/almalinux/libreoffice-pyuno pkg:rpm/almalinux/libreoffice-sdk pkg:rpm/almalinux/libreoffice-sdk-doc pkg:rpm/almalinux/libreoffice-ure pkg:rpm/almalinux/libreoffice-ure-common pkg:rpm/almalinux/libreoffice-wiki-publisher pkg:rpm/almalinux/libreoffice-writer pkg:rpm/almalinux/libreoffice-x11 pkg:rpm/almalinux/libreoffice-xsltfilter
< 1:6.4.7.2-10.el8.alma+ 170 more
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
- (no CPE)range: < 1:6.4.7.2-10.el8.alma
The Document Foundation/Libreoffice Onlinecpe-rescue
Range: 7-0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.debian.org/security/2021/dsa-4988mitrevendor-advisoryx_refsource_DEBIAN
www.libreoffice.org/about-us/security/advisories/CVE-2021-25633mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000