{"api_version":"1","generated_at":"2026-04-23T06:19:32+00:00","cve":"CVE-2022-3140","urls":{"html":"https://cve.report/CVE-2022-3140","api":"https://cve.report/api/cve/CVE-2022-3140.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-3140","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-3140"},"summary":{"title":"CVE-2022-3140","description":"LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice links using that scheme could be constructed to call internal macros with arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.1; 7.3 versions prior to 7.3.6.","state":"PUBLIC","assigner":"security@documentfoundation.org","published_at":"2022-10-11 21:15:00","updated_at":"2023-03-27 00:15:00"},"problem_types":["CWE-88"],"metrics":[],"references":[{"url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html","name":"[debian-lts-announce] 20230326 [SECURITY] [DLA 3368-1] libreoffice security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 3368-1] libreoffice security update","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TORANVTIWWBH3DNJR4UZATAG67KZOH32/","name":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TORANVTIWWBH3DNJR4UZATAG67KZOH32/","refsource":"MISC","tags":[],"title":"[SECURITY] Fedora 35 Update: libreoffice-7.2.7.2-2.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TORANVTIWWBH3DNJR4UZATAG67KZOH32/","name":"FEDORA-2022-775c747e4a","refsource":"FEDORA","tags":[],"title":"[SECURITY] Fedora 35 Update: libreoffice-7.2.7.2-2.fc35 - package-announce - Fedora Mailing-Lists","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.libreoffice.org/about-us/security/advisories/CVE-2022-3140","name":"https://www.libreoffice.org/about-us/security/advisories/CVE-2022-3140","refsource":"MISC","tags":[],"title":"CVE-2022-3140 | LibreOffice - Free Office Suite - Based on OpenOffice - Compatible with Microsoft","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://security.gentoo.org/glsa/202212-04","name":"GLSA-202212-04","refsource":"GENTOO","tags":[],"title":"LibreOffice: Arbitrary Code Execution (GLSA 202212-04) — Gentoo security","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.debian.org/security/2022/dsa-5252","name":"DSA-5252","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-5252-1 libreoffice","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-3140","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3140","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"3140","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"debian","cpe5":"debian_linux","cpe6":"11.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"3140","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"fedoraproject","cpe5":"fedora","cpe6":"35","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"3140","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"libreoffice","cpe5":"libreoffice","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2022","cve_id":"3140","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"libreoffice","cpe5":"libreoffice","cpe6":"7.4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-3140","qid":"160398","title":"Oracle Enterprise Linux Security Update for libreoffice (ELSA-2023-0089)"},{"cve":"CVE-2022-3140","qid":"160422","title":"Oracle Enterprise Linux Security Update for libreoffice (ELSA-2023-0304)"},{"cve":"CVE-2022-3140","qid":"181135","title":"Debian Security Update for libreoffice (DSA 5252-1)"},{"cve":"CVE-2022-3140","qid":"181639","title":"Debian Security Update for libreoffice (DLA 3368-1)"},{"cve":"CVE-2022-3140","qid":"184158","title":"Debian Security Update for libreoffice (CVE-2022-3140)"},{"cve":"CVE-2022-3140","qid":"199000","title":"Ubuntu Security Notification for LibreOffice Vulnerabilities (USN-5694-1)"},{"cve":"CVE-2022-3140","qid":"241056","title":"Red Hat Update for libreoffice (RHSA-2023:0089)"},{"cve":"CVE-2022-3140","qid":"241115","title":"Red Hat Update for libreoffice (RHSA-2023:0304)"},{"cve":"CVE-2022-3140","qid":"283230","title":"Fedora Security Update for libreoffice (FEDORA-2022-775c747e4a)"},{"cve":"CVE-2022-3140","qid":"502566","title":"Alpine Linux Security Update for libreoffice"},{"cve":"CVE-2022-3140","qid":"502588","title":"Alpine Linux Security Update for libreoffice"},{"cve":"CVE-2022-3140","qid":"502879","title":"Alpine Linux Security Update for libreoffice"},{"cve":"CVE-2022-3140","qid":"710691","title":"Gentoo Linux LibreOffice Arbitrary Code Execution Vulnerability (GLSA 202212-04)"},{"cve":"CVE-2022-3140","qid":"752680","title":"SUSE Enterprise Linux Security Update for libreoffice (SUSE-SU-2022:3602-1)"},{"cve":"CVE-2022-3140","qid":"753136","title":"SUSE Enterprise Linux Security Update for libreoffice (SUSE-SU-2022:3650-1)"},{"cve":"CVE-2022-3140","qid":"940875","title":"AlmaLinux Security Update for libreoffice (ALSA-2023:0089)"},{"cve":"CVE-2022-3140","qid":"940908","title":"AlmaLinux Security Update for libreoffice (ALSA-2023:0304)"},{"cve":"CVE-2022-3140","qid":"960556","title":"Rocky Linux Security Update for libreoffice (RLSA-2023:0304)"},{"cve":"CVE-2022-3140","qid":"960559","title":"Rocky Linux Security Update for libreoffice (RLSA-2023:0089)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2022-3140","ASSIGNER":"security@documentfoundation.org","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice links using that scheme could be constructed to call internal macros with arbitrary arguments. Which when clicked on, or activated by document events, could result in arbitrary script execution without warning. This issue affects: The Document Foundation LibreOffice 7.4 versions prior to 7.4.1; 7.3 versions prior to 7.3.6."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-20 Improper Input Validation","cweId":"CWE-20"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"The Document Foundation","product":{"product_data":[{"product_name":"LibreOffice","version":{"version_data":[{"version_affected":"<","version_name":"7.4","version_value":"7.4.1"},{"version_affected":"<","version_name":"7.3","version_value":"7.3.6"}]}}]}}]}},"references":{"reference_data":[{"url":"https://www.libreoffice.org/about-us/security/advisories/CVE-2022-3140","refsource":"MISC","name":"https://www.libreoffice.org/about-us/security/advisories/CVE-2022-3140"},{"url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html","refsource":"MISC","name":"https://lists.debian.org/debian-lts-announce/2023/03/msg00022.html"},{"url":"https://www.debian.org/security/2022/dsa-5252","refsource":"MISC","name":"https://www.debian.org/security/2022/dsa-5252"},{"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TORANVTIWWBH3DNJR4UZATAG67KZOH32/","refsource":"MISC","name":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TORANVTIWWBH3DNJR4UZATAG67KZOH32/"},{"url":"https://security.gentoo.org/glsa/202212-04","refsource":"MISC","name":"https://security.gentoo.org/glsa/202212-04"}]},"generator":{"engine":"Vulnogram 0.0.9"},"source":{"discovery":"EXTERNAL"},"credits":[{"lang":"en","value":"TheSecurityDev working with Trend Micro Zero Day Initiative"}]},"nvd":{"publishedDate":"2022-10-11 21:15:00","lastModifiedDate":"2023-03-27 00:15:00","problem_types":["CWE-88"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW","baseScore":6.3,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":3.4}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:libreoffice:libreoffice:7.4.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:libreoffice:libreoffice:*:*:*:*:*:*:*:*","versionStartIncluding":"7.3.0","versionEndExcluding":"7.3.6","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}