Lucene search
K
GnuPspp2.0.1

5 matches found

CVE
CVE
added 2025/05/03 12:0 a.m.73 views

CVE-2025-47229

CVE-2025-47229 affects GNU PSPP (libpspp-core.a) up to version 2.0.1. The root cause is a denial-of-service condition triggered by crafted input data that causes a var_set_leave_quiet assertion failure and application exit, via a call path from src/data/dictionary.c into src/data/variable.c. Mult...

5.5CVSS7.2AI score0.00154EPSS
CVE
CVE
added 2025/05/10 12:0 a.m.72 views

CVE-2025-47814

CVE-2025-47814 describes a heap-based buffer overflow in PSPP’s zip reader. The vulnerable component is the PSPP core library, specifically the file zip-reader.c, within the function inflate_read (called indirectly from spv_read_xml_member). This issue affects the library artifact libpspp-core.a ...

9.8CVSS7.3AI score0.00258EPSS
CVE
CVE
added 2025/05/10 12:0 a.m.69 views

CVE-2025-47815

CVE-2025-47815 affects GNU PSPP up to version 2.0.1, via the libpspp-core.a component. The issue is a heap-based buffer overflow in inflate_read (called indirectly from zip_member_read_all) in zip-reader.c, due to improper validation of input length/size. This is the stated root cause and vulnera...

9.8CVSS5AI score0.00258EPSS
CVE
CVE
added 2025/05/10 12:0 a.m.67 views

CVE-2025-47816

CVE-2025-47816 affects GNU PSPP (libpspp-core.a) through version 2.0.1. The vulnerability is an out-of-bounds read in spvxml_parse_attributes (spvxml-helpers.c), related to extra content at the end of a document. All provided connected sources corroborate this issue. Practical impact is an out-of...

9.1CVSS6.8AI score0.00298EPSS
CVE
CVE
added 2025/05/16 12:0 a.m.46 views

CVE-2025-48188

The CVE-2025-48188 issue affects GNU PSPP’s libpspp-core.a up to version 2.0.1. A faulty call from fill_buffer (data/encrypted-file.c) to the Gnulib rijndaelDecrypt function leads to a heap-based buffer over-read, which can cause memory disclosure or an application crash. Several sources (includi...

5.5CVSS4.1AI score0.00141EPSS