View at Official debian advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2022-38745 not yet assigned priority: Debian including 1 source packages (libreoffice), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.
Apache OpenOffice versions before 4.1.14 may be configured to add an empty entry to the Java class path. This may lead to run arbitrary Java code from the current directory.