Description: "In the LibreOffice 7-1 series in versions prior to 7.1.2, and in the 7-0 series in versions prior to 7.0.5, the denylist can be circumvented by manipulating the link so it doesn't match the denylist but results in ShellExecute attempting to launch an executable type." Not clear if 6.x is vulnerable?
Hard to tell. I can't find any information about it in git.
Oh, we both missed it is Windows only (I should have clocked from the ShellExecute): https://www.libreoffice.org/about-us/security/advisories/cve-2021-25631/. All good.