CVE-2020-35357
The CVE-2020-35357 entry concerns the GNU Scientific Library (GSL). The linked documents confirm a buffer overflow in gsl_stats_quantile_from_sorted_data when calculating a quantile, observable in GSL versions 2.5 and 2.6. The impact described is that a crafted input could cause arbitrary code ex...
CVE-2024-50610
CVE-2024-50610 affects GSL (GNU Scientific Library) up to version 2.8. The issue is an integer signedness error in gsl_siman_solve_many (in siman/siman.c) that can trigger incorrect memory allocation when params.n_tries is negative. Multiple connected advisories (ALAS/AL2 and OSV feed) confirm th...