Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-11	CVE-2021-41831	Improper Verification of Cryptographic Signature vulnerability in Apache Openoffice It is possible for an attacker to manipulate the timestamp of signed documents. network low complexity apache CWE-347	5.3
2021-10-07	CVE-2021-40439	XXE vulnerability in Apache Openoffice Apache OpenOffice has a dependency on expat software. network low complexity apache CWE-611	6.5
2019-12-20	CVE-2012-5639	Exposure of Resource to Wrong Sphere vulnerability in multiple products LibreOffice and OpenOffice automatically open embedded content network low complexity libreoffice debian apache CWE-668	6.5
2017-11-20	CVE-2017-3157	Information Exposure vulnerability in multiple products By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. local low complexity apache debian redhat CWE-200	5.5
2012-06-17	CVE-2012-0037	XXE vulnerability in multiple products Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document. network low complexity librdf libreoffice apache fedoraproject redhat debian CWE-611	6.5