PT-2021-3326 · Apache · Apache Openoffice +1
Fabian Bräunlein +1 · Published 2021-04-15 · Updated 2021-04-23 · CVE-2021-30245
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Apache OpenOffice versions prior to 4.1.10
Description
The issue concerns the handling of non-http(s) hyperlinks in Apache OpenOffice: a specially crafted link can lead to execution of untrusted code. This problem has existed since about 2006. Be careful when opening documents from unknown and unverified sources.
Recommendations
For versions prior to 4.1.10, consider avoiding the use of non-http(s) hyperlinks in documents until a patch is available. As a temporary workaround, users should exercise caution when opening documents from unknown sources and avoid clicking on suspicious links. In the upcoming version 4.1.10, a security warning will be displayed when opening potentially dangerous hyperlinks, giving the user the option to continue or cancel the action.
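One way to audit documents for the non-http(s) hyperlinks discussed above, as an added example that is not part of the original advisory or of Apache OpenOffice. It assumes links are stored as `xlink:href` attributes in the ODF package's `content.xml` and `styles.xml`; the function names, the size cap and the sample document are constructed for illustration.

```python
import io
import zipfile
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

XLINK_HREF = "{http://www.w3.org/1999/xlink}href"
ALLOWED = {"http", "https"}            # assumption: any other scheme gets reviewed
PARTS = ("content.xml", "styles.xml")  # ODF parts that can carry link attributes
MAX_PART = 50 * 1024 * 1024            # assumed cap against decompression bombs

def non_http_links(odf_bytes):
    """Return sorted (part, href) pairs whose URL scheme is not http(s)."""
    found = set()
    with zipfile.ZipFile(io.BytesIO(odf_bytes)) as zf:
        for part in sorted(set(PARTS) & set(zf.namelist())):
            if zf.getinfo(part).file_size > MAX_PART:
                raise ValueError(f"{part} exceeds the size cap")
            # For hostile files, prefer a hardened XML parser such as defusedxml.
            for el in ET.fromstring(zf.read(part)).iter():
                href = el.get(XLINK_HREF, "")
                if not href or href.startswith("#"):
                    continue                      # no link, or in-document anchor
                try:
                    scheme = urlsplit(href).scheme
                except ValueError:
                    scheme = "malformed"          # unparseable: report it too
                if scheme and scheme not in ALLOWED:
                    found.add((part, href))       # relative links have no scheme
    return sorted(found)

def build_sample():
    """Constructed ODF-like package with four links, for the demo only."""
    content = (
        '<office:document-content '
        'xmlns:office="urn:oasis:names:tc:opendocument:xmlns:office:1.0" '
        'xmlns:text="urn:oasis:names:tc:opendocument:xmlns:text:1.0" '
        'xmlns:xlink="http://www.w3.org/1999/xlink"><office:body><office:text>'
        '<text:p><text:a xlink:href="https://example.org/">a</text:a>'
        '<text:a xlink:href="#Section1">b</text:a>'
        '<text:a xlink:href="ftp://files.example.org/report.pdf">c</text:a>'
        '<text:a xlink:href="MAILTO:team@example.org">d</text:a></text:p>'
        '</office:text></office:body></office:document-content>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("content.xml", content)
    return buf.getvalue()

if __name__ == "__main__":
    print(non_http_links(build_sample()))
```

To check a real file, pass its bytes, for example `non_http_links(open(path, "rb").read())`, and review each reported link before the document is opened in a version prior to 4.1.10.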
Affected Products
Apache Openoffice
Openoffice