{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T06:18:38.531","vulnerabilities":[{"cve":{"id":"CVE-2023-6185","sourceIdentifier":"security@documentfoundation.org","published":"2023-12-11T12:15:07.037","lastModified":"2025-02-13T18:16:06.290","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Input Validation vulnerability in GStreamer integration of The Document Foundation LibreOffice allows an attacker to execute arbitrary GStreamer plugins.\n\nIn affected versions the filename of the embedded video is not sufficiently escaped when passed to GStreamer enabling an attacker to run arbitrary gstreamer plugins depending on what plugins are installed on the target system."},{"lang":"es","value":"Vulnerabilidad de validación de entrada incorrecta en la integración GStreamer de The Document Foundation LibreOffice permite a un atacante ejecutar complementos GStreamer arbitrarios. En las versiones afectadas, el nombre de archivo del vídeo incrustado no se escapa lo suficiente cuando se pasa a GStreamer, lo que permite a un atacante ejecutar complementos arbitrarios de gstreamer dependiendo de qué complementos estén instalados en el sistema de destino."}],"metrics":{"cvssMetricV31":[{"source":"security@documentfoundation.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.7,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*","versionStartIncluding":"7.5.0","versionEndExcluding":"7.5.9","matchCriteriaId":"A3620339-BFEE-459E-937D-7F785CEE9C9F"},{"vulnerable":true,"criteria":"cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*","versionStartIncluding":"7.6.0","versionEndExcluding":"7.6.3","matchCriteriaId":"65A10E4B-F7DE-4FA8-8ACB-D1A54CCD408E"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*","matchCriteriaId":"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","matchCriteriaId":"FA6FEEC2-9F11-4643-8827-749718254FED"},{"vulnerable":true,"criteria":"cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*","matchCriteriaId":"46D69DCC-AE4D-4EA5-861C-D60951444C6C"}]}]}],"references":[{"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html","source":"security@documentfoundation.org"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/","source":"security@documentfoundation.org","tags":["Mailing List","Third Party Advisory"]},{"url":"https://www.debian.org/security/2023/dsa-5574","source":"security@documentfoundation.org","tags":["Third Party Advisory"]},{"url":"https://www.libreoffice.org/about-us/security/advisories/cve-2023-6185","source":"security@documentfoundation.org","tags":["Vendor Advisory"]},{"url":"https://lists.debian.org/debian-lts-announce/2023/12/msg00026.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QB7UB6CTWQUDOE657OVVRSDYUY3IPBJG/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Mailing List","Third Party Advisory"]},{"url":"https://www.debian.org/security/2023/dsa-5574","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.libreoffice.org/about-us/security/advisories/cve-2023-6185","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}