{"id":"CVE-2022-38745","details":"Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.\n\n\n","modified":"2026-03-13T05:57:12.121678Z","published":"2023-03-24T16:15:08.130Z","related":["ALSA-2023:6508","ALSA-2023:6933"],"references":[{"type":"ADVISORY","url":"https://www.openoffice.org/security/cves/CVE-2022-38745.html"},{"type":"ADVISORY","url":"https://lists.apache.org/thread/q3noq7m681kvtb29m28x74q8cnwnzzo0"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"4.1.14"}]},{"events":[{"introduced":"0"},{"fixed":"4.1.14"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-38745.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}