{"id":"CVE-2024-12425","details":"Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The Document Foundation LibreOffice allows Absolute Path Traversal.\n\n\n\n\nAn attacker can write to arbitrary locations, albeit suffixed with \".ttf\", by supplying a file in a format that supports embedded font files.\n\n\nThis issue affects LibreOffice: from 24.8 before \u003c 24.8.4.","modified":"2026-05-18T05:56:55.183320836Z","published":"2025-01-07T12:15:24.183Z","database_specific":{"unresolved_ranges":[{"source":"CPE_FIELD","extracted_events":[{"last_affected":"11.0"}],"cpes":["cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*"],"vendor_product":"debian:debian_linux"},{"source":"CPE_FIELD","extracted_events":[{"introduced":"24.8.0.1"},{"fixed":"24.8.4"}],"cpes":["cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*"],"vendor_product":"libreoffice:libreoffice"}]},"references":[{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00013.html"},{"type":"ADVISORY","url":"https://www.libreoffice.org/about-us/security/advisories/cve-2024-12425"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/libreoffice/core","events":[{"introduced":"0"},{"last_affected":"a17e39caaf73108bee692d6f64a44c62f4066f1d"},{"last_affected":"318462181c709ed29c01eb3239b4d600d7b82ecc"}],"database_specific":{"source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"last_affected":"24.8.0.0-alpha1"},{"last_affected":"24.8.0.0-beta1"}],"cpe":["cpe:2.3:a:libreoffice:libreoffice:24.8.0.0:alpha1:*:*:*:*:*:*","cpe:2.3:a:libreoffice:libreoffice:24.8.0.0:beta1:*:*:*:*:*:*"]}}],"versions":["libreoffice-24.8.0.0.beta1","libreoffice-24-8-branch-point","libreoffice-24.8.0.0.alpha1","libreoffice-24-2-branch-point","libreoffice-7-6-branch-point","libreoffice-7-5-branch-point","libreoffice-7-4-branch-point","libreoffice-7-3-branch-point","libreoffice-7-2-branch-point","libreoffice-7-1-branch-point","libreoffice-7-0-branch-point","libreoffice-6-4-branch-point","libreoffice-6-3-branch-point","libreoffice-6-2-branch-point","libreoffice-6-1-branch-point","libreoffice-6-0-branch-point","gpg4libre-review-5.4.99","libreoffice-5-4-branch-point","libreoffice-5-3-branch-point","libreoffice-5-2-branch-point","libreoffice-5-1-branch-point","libreoffice-5-0-branch-point","libreoffice-4-4-branch-point","libreoffice-4-3-branch-point","sdremote-2.0.0","libreoffice-4-2-branch-point","libreoffice-4-2-milestone-1","libreoffice-4-1-branch-point","libreoffice-4-0-branch-point","libreoffice-3-6-branch-point","libreoffice-3.5.0.0","libreoffice-3-5-branch-point","windows_build_successful_2011_11_08","MELD_LIBREOFFICE_REPOS"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-12425.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}]}