VYPR
High severityOSV Advisory· Published Apr 15, 2025· Updated Apr 15, 2026

CVE-2025-27791

CVE-2025-27791

Description

Collabora Online is a collaborative online office suite based on LibreOffice technology. In versions prior to 24.04.12.4, 23.05.19, and 22.05.25, there is a path traversal flaw in handling the CheckFileInfo BaseFileName field returned from WOPI servers. This allows for a file to be written anywhere the uid running Collabora Online can write, if such a response was supplied by a malicious WOPI server. By combining this flaw with a Time of Check, Time of Use DNS lookup issue with a WOPI server address under attacker control, it is possible to present such a response to be processed by a Collabora Online instance. This issue has been patched in versions 24.04.13.1, 23.05.19, and 22.05.25.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Collaboraonline/OnlineOSV2 versions
    1.6.0-0, 1.6.0-4-CODE, 1.6.2-1, …+ 1 more
    • (no CPE)range: 1.6.0-0, 1.6.0-4-CODE, 1.6.2-1, …
    • (no CPE)range: <24.04.12.4, <23.05.19, <22.05.25

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.