Improper Input Validation Affecting autocorr-da package, versions <1:7.1.8.1-13.el9_4


Severity

Recommended
medium

Based on Red Hat Enterprise Linux security rating.

Threat Intelligence

EPSS
1.01% (59th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-RHEL9-AUTOCORRDA-12664530
  • published13 Sept 2025
  • disclosed14 May 2024

Introduced: 14 May 2024

CVE-2024-3044  (opens in a new tab)
CWE-20  (opens in a new tab)

How to fix?

Upgrade RHEL:9 autocorr-da to version 1:7.1.8.1-13.el9_4 or higher.
This issue was patched in RHSA-2024:4755.

NVD Description

Note: Versions mentioned in the description apply only to the upstream autocorr-da package and not the autocorr-da package as distributed by RHEL. See How to fix? for RHEL:9 relevant fixed versions and status.

Unchecked script execution in Graphic on-click binding in affected LibreOffice versions allows an attacker to create a document which without prompt will execute scripts built-into LibreOffice on clicking a graphic. Such scripts were previously deemed trusted but are now deemed untrusted.

CVSS Base Scores

version 3.1