Gnu Pspp
14 CVEs affecting Gnu Pspp. Latest disclosed: 2025-06-09. Critical: 0, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-12961 | High | 7.5 | 2017-08-18 | There is an assertion abort in the function parse_attributes() in data/sys-file-reader.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remo… |
CVE-2017-12960 | High | 7.5 | 2017-08-18 | There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to r… |
CVE-2017-12959 | High | 7.5 | 2017-08-18 | There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a… |
CVE-2017-12958 | High | 7.5 | 2017-08-18 | There is an illegal address access in the function output_hex() in data/data-out.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote den… |
CVE-2017-10792 | Medium | 6.5 | 2017-07-02 | There is a NULL Pointer Dereference in the function ll_insert() of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the… |
CVE-2017-10791 | Medium | 6.5 | 2017-07-02 | There is an Integer overflow in the hash_int function of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library co… |
CVE-2025-5899 | Medium | 5.3 | 2025-06-09 | A vulnerability classified as critical was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected by this vulnerability is the function parse_var… |
CVE-2025-5898 | Medium | 5.3 | 2025-06-09 | A vulnerability classified as critical has been found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected is the function parse_variables_option of… |
CVE-2025-47815 | Medium | 4.5 | 2025-05-10 | libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from zip_member_read_all) in… |
CVE-2025-47814 | Medium | 4.5 | 2025-05-10 | libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from spv_read_xml_member) in… |
CVE-2025-5001 | Low | 3.3 | 2025-05-20 | A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function ca… |
CVE-2025-48188 | Low | 2.9 | 2025-05-16 | libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fill_buffer (in data/encrypted-file.c) to the Gnulib rijndaelDecrypt function, leading to a… |
CVE-2025-47816 | Low | 2.9 | 2025-05-10 | libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause an spvxml-helpers.c spvxml_parse_attributes out-of-bounds read, related to extra content at… |
CVE-2025-47229 | Low | 2.9 | 2025-05-03 | libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service (var_set_leave_quiet assertion failure and application exit) via crafted… |