{"id":"CVE-2021-25829","details":"An improper binary stream data handling issue was found in the [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. Using this bug, an attacker is able to produce a denial of service attack that can eventually shut down the target server.","modified":"2026-04-02T06:47:57.098188Z","published":"2021-03-01T16:15:14.150Z","references":[{"type":"ADVISORY","url":"https://github.com/ONLYOFFICE/core/blob/c1e4a2ce33bdcfab29d670f5fdb10fc63cf5fd6a/ASCOfficePPTXFile/PPTXFormat/NotesMaster.h#L148"},{"type":"ADVISORY","url":"https://github.com/ONLYOFFICE/core/blob/c1e4a2ce33bdcfab29d670f5fdb10fc63cf5fd6a/ASCOfficePPTXFile/PPTXFormat/NotesSlide.h#L141"},{"type":"ADVISORY","url":"https://github.com/ONLYOFFICE/core/blob/c1e4a2ce33bdcfab29d670f5fdb10fc63cf5fd6a/ASCOfficePPTXFile/PPTXFormat/Presentation.h#L277"},{"type":"ADVISORY","url":"https://github.com/ONLYOFFICE/core/blob/v5.6.4.10/ASCOfficePPTXFile/Editor/BinaryFileReaderWriter.cpp#L1722"},{"type":"ADVISORY","url":"https://github.com/ONLYOFFICE/core/blob/c1e4a2ce33bdcfab29d670f5fdb10fc63cf5fd6a/ASCOfficePPTXFile/PPTXFormat/Comments.h#L299"},{"type":"ADVISORY","url":"https://github.com/ONLYOFFICE/core/blob/c1e4a2ce33bdcfab29d670f5fdb10fc63cf5fd6a/ASCOfficePPTXFile/PPTXFormat/Core.h#L161"},{"type":"ADVISORY","url":"https://github.com/ONLYOFFICE/core/blob/c1e4a2ce33bdcfab29d670f5fdb10fc63cf5fd6a/ASCOfficePPTXFile/PPTXFormat/Theme.h#L277"},{"type":"PACKAGE","url":"https://github.com/ONLYOFFICE/core"},{"type":"PACKAGE","url":"https://github.com/ONLYOFFICE/DocumentServer"},{"type":"EVIDENCE","url":"https://github.com/merrychap/poc_exploits/tree/master/ONLYOFFICE/CVE-2021-25829"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/onlyoffice/documentserver","events":[{"introduced":"1e2a61f6f4321e2571474068595dfe23a657cbdf"},{"last_affected":"0187bea803abdd2b2b6ad8168272d77e27739add"}],"database_specific":{"versions":[{"introduced":"4.0.0-9"},{"last_affected":"5.6.3"}]}}],"versions":["ONLYOFFICE-DocumentServer-4.0.0-9","ONLYOFFICE-DocumentServer-4.0.1-34","ONLYOFFICE-DocumentServer-4.0.2-4","ONLYOFFICE-DocumentServer-4.0.3-3","ONLYOFFICE-DocumentServer-4.1.2-37","ONLYOFFICE-DocumentServer-4.1.4-3","ONLYOFFICE-DocumentServer-4.1.5-1","ONLYOFFICE-DocumentServer-4.1.6-3","ONLYOFFICE-DocumentServer-4.1.8-1","ONLYOFFICE-DocumentServer-4.2.0","ONLYOFFICE-DocumentServer-4.2.1","ONLYOFFICE-DocumentServer-4.2.10","ONLYOFFICE-DocumentServer-4.2.11","ONLYOFFICE-DocumentServer-4.2.3","ONLYOFFICE-DocumentServer-4.2.4","ONLYOFFICE-DocumentServer-4.2.5","ONLYOFFICE-DocumentServer-4.2.7","ONLYOFFICE-DocumentServer-4.2.8","ONLYOFFICE-DocumentServer-4.2.9","ONLYOFFICE-DocumentServer-4.3.0","ONLYOFFICE-DocumentServer-4.3.1","ONLYOFFICE-DocumentServer-4.3.2","ONLYOFFICE-DocumentServer-4.3.3","ONLYOFFICE-DocumentServer-4.3.4","ONLYOFFICE-DocumentServer-4.3.5","ONLYOFFICE-DocumentServer-4.3.6","ONLYOFFICE-DocumentServer-4.4.1","ONLYOFFICE-DocumentServer-4.4.2","ONLYOFFICE-DocumentServer-4.4.3","ONLYOFFICE-DocumentServer-5.0.3","ONLYOFFICE-DocumentServer-5.0.4","ONLYOFFICE-DocumentServer-5.0.5","ONLYOFFICE-DocumentServer-5.0.6","ONLYOFFICE-DocumentServer-5.0.7","ONLYOFFICE-DocumentServer-5.1.0","ONLYOFFICE-DocumentServer-5.1.1","ONLYOFFICE-DocumentServer-5.1.2","ONLYOFFICE-DocumentServer-5.1.3","ONLYOFFICE-DocumentServer-5.1.4","ONLYOFFICE-DocumentServer-5.1.5","ONLYOFFICE-DocumentServer-5.2.0","ONLYOFFICE-DocumentServer-5.2.2","ONLYOFFICE-DocumentServer-5.2.3","ONLYOFFICE-DocumentServer-5.2.4","ONLYOFFICE-DocumentServer-5.2.6","ONLYOFFICE-DocumentServer-5.2.7","ONLYOFFICE-DocumentServer-5.2.8","ONLYOFFICE-DocumentServer-5.3.0","ONLYOFFICE-DocumentServer-5.3.1","ONLYOFFICE-DocumentServer-5.3.2","ONLYOFFICE-DocumentServer-5.3.4","ONLYOFFICE-DocumentServer-5.4.0-2","ONLYOFFICE-DocumentServer-5.4.1","ONLYOFFICE-DocumentServer-5.4.2","ONLYOFFICE-DocumentServer-5.5.0","ONLYOFFICE-DocumentServer-5.5.1","ONLYOFFICE-DocumentServer-5.5.3","ONLYOFFICE-DocumentServer-5.6.0","ONLYOFFICE-DocumentServer-5.6.1","ONLYOFFICE-DocumentServer-5.6.2","ONLYOFFICE-DocumentServer-5.6.3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-25829.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}