PT-2024-20756 · Collabora · Collabora Online

Damien Couturier · Published 2024-03-11 · Updated 2024-03-12 · CVE-2024-25114

CVSS v3.1: 5.3 Medium
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Collabora Online versions prior to 21.11.10
Collabora Online versions prior to 22.05.22
Collabora Online versions prior to 23.05.9

Description

Collabora Online is a collaborative online office suite based on LibreOffice technology. Each document in Collabora Online is opened by a separate "Kit" instance in a different "jail" whose directory has a unique "jailID" name. The vulnerability allows an attacker to use the CELL() function, with the "filename" argument, in the spreadsheet component to obtain a path that includes this jailID. The impact of this issue is low because it needs to be chained with another vulnerability.

Recommendations

For Collabora Online versions prior to 21.11.10, upgrade to version 21.11.10 or higher.
For Collabora Online versions prior to 22.05.22, upgrade to version 22.05.22 or higher.
For Collabora Online versions prior to 23.05.9, upgrade to version 23.05.9 or higher.
As a temporary workaround, consider restricting the use of the CELL() function with the filename argument in the spreadsheet component until a patch is available.
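
As an added example (not Collabora's code and not part of the original advisory), one way to support the temporary workaround is to audit stored spreadsheets for CELL() calls with a literal "filename" argument. It assumes OpenDocument (.ods) files, where formulas are stored in the table:formula attribute of content.xml; the function names and the sample formulas are constructed for illustration.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET
from xml.sax.saxutils import quoteattr

TABLE_NS = "urn:oasis:names:tc:opendocument:xmlns:table:1.0"
OFFICE_NS = "urn:oasis:names:tc:opendocument:xmlns:office:1.0"
FORMULA_ATTR = f"{{{TABLE_NS}}}formula"
# CELL("filename" ...) with a literal first argument, any case or spacing.
CELL_FILENAME = re.compile(r'\bCELL\s*\(\s*"filename"\s*[;,)]', re.IGNORECASE)


def find_cell_filename(ods_bytes):
    """Return every stored formula in an .ods file that calls CELL("filename")."""
    with zipfile.ZipFile(io.BytesIO(ods_bytes)) as zf:
        # For untrusted uploads, swap in a hardened XML parser here.
        root = ET.fromstring(zf.read("content.xml"))
    hits = []
    for element in root.iter():
        formula = element.get(FORMULA_ATTR)
        if formula and CELL_FILENAME.search(formula):
            hits.append(formula)
    return hits


def build_sample_ods(formulas):
    """Build a minimal, constructed .ods-like archive holding the given formulas."""
    cells = "".join(f"<table:table-cell table:formula={quoteattr(f)}/>" for f in formulas)
    content = (
        f'<office:document-content xmlns:office="{OFFICE_NS}" '
        f'xmlns:table="{TABLE_NS}"><office:body><office:spreadsheet>'
        f"<table:table><table:table-row>{cells}</table:table-row></table:table>"
        f"</office:spreadsheet></office:body></office:document-content>"
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("content.xml", content)
    return buf.getvalue()


# Constructed sample formulas (not taken from any real document).
SAMPLE = build_sample_ods([
    'of:=CELL("filename")',
    "of:=SUM([.A1:.A3])",
    'of:=cell( "FILENAME" ; [.A1])',
    'of:=CELL("row";[.A1])',
])
FLAGGED = find_cell_filename(SAMPLE)  # the two CELL("filename") formulas
```
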

Exploit

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

CVE-2024-25114
GHSA-2FH2-PPJF-P3XV

Affected Products

Collabora Online