Launchpad.net

CVE 2023-6186

Insufficient macro permission validation of The Document Foundation LibreOffice allows an attacker to execute built-in macros without warning. In affected versions LibreOffice supports hyperlinks with macro or similar built-in command targets that can be executed when activated without warning the user.

Related bugs and status

CVE-2023-6186 (Candidate) is related to these bugs:

Bug #2044019: [SRU] libreoffice 7.6.4 for mantic

Summary				In	Importance	Status
	2044019	[SRU] libreoffice 7.6.4 for mantic		libreoffice (Ubuntu)	Undecided	Fix Released
	2044019	[SRU] libreoffice 7.6.4 for mantic		libreoffice (Ubuntu Mantic)	Medium	Fix Released

Bug #2044369: [SRU] libreoffice 7.5.9 for lunar

Summary				In	Importance	Status
	2044369	[SRU] libreoffice 7.5.9 for lunar		libreoffice (Ubuntu)	Undecided	Fix Released
	2044369	[SRU] libreoffice 7.5.9 for lunar		libreoffice (Ubuntu Lunar)	Medium	Fix Released

Bug #2046037: CVE-2023-6185 and CVE-2023-6186

		In	Importance	Status
2046037	CVE-2023-6185 and CVE-2023-6186	libreoffice (Ubuntu)	Critical	Fix Released
2046037	CVE-2023-6185 and CVE-2023-6186	libreoffice (Ubuntu Jammy)	Critical	Fix Released
2046037	CVE-2023-6185 and CVE-2023-6186	libreoffice (Ubuntu Focal)	Critical	Fix Released
2046037	CVE-2023-6185 and CVE-2023-6186	libreoffice (Ubuntu Mantic)	Critical	Fix Released
2046037	CVE-2023-6185 and CVE-2023-6186	libreoffice (Ubuntu Noble)	Critical	Fix Released
2046037	CVE-2023-6185 and CVE-2023-6186	libreoffice (Ubuntu Lunar)	Critical	Fix Released

Bug #2046150: [BPO] libreoffice 7.5.9 for jammy

Summary				In	Importance	Status
	2046150	[BPO] libreoffice 7.5.9 for jammy		libreoffice (Ubuntu)	Undecided	Fix Released
	2046150	[BPO] libreoffice 7.5.9 for jammy		libreoffice (Ubuntu Jammy)	Critical	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2023-6186

Related bugs and status

Related bugs

References