Low severity3.3NVD Advisory· Published Jan 7, 2025· Updated Jun 17, 2026
CVE-2024-12425
CVE-2024-12425
Description
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The Document Foundation LibreOffice allows Absolute Path Traversal.
An attacker can write to arbitrary locations, albeit suffixed with ".ttf", by supplying a file in a format that supports embedded font files.
This issue affects LibreOffice: from 24.8 before < 24.8.4.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2< 24.8.4+ 1 more
- (no CPE)range: < 24.8.4
- (no CPE)range: 24.8
Patches
Vulnerability mechanics
References
2- lists.debian.org/debian-lts-announce/2025/01/msg00013.htmlnvdMailing ListThird Party Advisory
- www.libreoffice.org/about-us/security/advisories/cve-2024-12425nvdVendor Advisory
News mentions
0No linked articles in our index yet.