An bayyana rashin lahani guda uku a cikin ɗakunan ofis ɗin LibreOffice da Apache OpenOffice waɗanda za su iya ba maharan damar shirya takaddun da ga alama wata amintacciyar tushe ce ta sa hannu ko canza ranar takardar da aka riga aka sanya hannu. An gyara matsalolin a cikin sakin Apache OpenOffice 4.1.11 da kuma LibreOffice 7.0.6/7.1.2 a ƙarƙashin ɓoye marasa tsaro (LibreOffice 7.0.6 da 7.1.2 an buga su a farkon watan Mayu, amma raunin ya kasance kawai. yanzu an bayyana).
- CVE-2021-41832, CVE-2021-25635 - yana ba mai hari damar sanya hannu kan takardar ODF tare da takardar shedar sa hannu mara amana, amma ta hanyar canza sa hannu na dijital zuwa ƙimar da ba daidai ba ko mara tallafi, cimma nunin wannan takaddar a matsayin amintacce. (an yi la'akari da sa hannu tare da algorithm mara kyau a matsayin daidai).
- CVE-2021-41830, CVE-2021-25633 - yana ba maharin damar ƙirƙirar daftarin aiki na ODF ko macro wanda za a nuna a cikin keɓancewa a matsayin abin dogaro, duk da kasancewar ƙarin abun ciki wanda wani takaddun shaida ya tabbatar.
- CVE-2021-41831, CVE-2021-25634 - yana ba da damar yin canje-canje ga takaddun ODF da aka sa hannu a lambobi wanda ke gurbata lokacin tsara sa hannu na dijital da aka nuna ga mai amfani ba tare da keta alamar amana ba.
source: budenet.ru