Vulnerabilities > Onlyoffice > Document Server > 7.3.2

DATE CVE VULNERABILITY TITLE RISK
2023-08-14 CVE-2023-30186 Use After Free vulnerability in Onlyoffice Document Server
A use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.
network
low complexity
onlyoffice CWE-416
critical
 9.8
9.8
2023-08-14 CVE-2023-30187 Out-of-bounds Write vulnerability in Onlyoffice Document Server
An out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.
network
low complexity
onlyoffice CWE-787
critical
 9.8
9.8
2023-08-14 CVE-2023-30188 Infinite Loop vulnerability in Onlyoffice Document Server
Memory Exhaustion vulnerability in ONLYOFFICE Document Server 4.0.3 through 7.3.2 allows remote attackers to cause a denial of service via crafted JavaScript file.
network
low complexity
onlyoffice CWE-835
7.5
7.5