CVE-2022-29777

Published
View on NVD ↗
CVSS v3
9.8
CRITICAL
CVSS v2
7.5
HIGH
Affected
3
PROJECTS

Description

Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to contain a heap overflow via the component DesktopEditor/fontengine/fontconverter/FontFileBase.h.

ONLYOFFICE/DocumentServer
ONLYOFFICE/DocumentServer
ONLYOFFICE Docs is a free collaborative online office suite comprising viewers and editors for texts, spreadsheets and presentations, forms and PDF, fully compatible with Office Open XML formats: .docx, .xlsx, .pptx and enabling collaborative editing in real time.
GitHubGitHub
6.58K
ONLYOFFICE/core
ONLYOFFICE/core
Server core components which are a part of ONLYOFFICE Document Server
GitHubGitHub
404
moehw/poc_exploits
moehw/poc_exploits
🕳️ Proof of Concept exploits and their descriptions for various products
GitHubGitHub
26