Advisory 2024-03/01 LibreOffice Vulnerabilities

Vulnerability typesArbitrary code execution, improper access control, arbitrary script execution, arbitrary plugin execution
Severity factors

These vulnerabilities have CVSS severity ratings of 5.3 medium - 8.8 high for users who are affected.

FileCloud is updating LibreOffice to version 7.6.4 to fix these vulnerabilities.

Versions affectedFileCloud versions earlier than 23.232.1 are affected.
Version fixedFileCloud version 23.232.1 and later


This advisory covers several LibreOffice security advisories that were published after version 7.4.1, the latest version on FileCloud prior to this upgrade. The security advisory address vulnerabilities associated with arbitrary code or plugin execution or improper access control.


FileCloud version upgrades LibreOffice to version 7.6.4, which does not include these vulnerabilities. 

What you should do to fix this vulnerability

  • If you are using FileCloud Server, we recommended that you update to the latest version, which is or greater. 
  • If you are using FileCloud Online, your site has already been updated to the latest version.

If you have any questions about this advisory, please contact FileCloud support.