Описание
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from spv_read_xml_member) in zip-reader.c.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| pspp | unfixed | package | ||
| pspp | no-dsa | trixie | package | |
| pspp | no-dsa | bookworm | package | |
| pspp | postponed | bullseye | package |
Примечания
https://savannah.gnu.org/bugs/?67074
Связанные уязвимости
CVSS3: 4.5
ubuntu
9 месяцев назад
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from spv_read_xml_member) in zip-reader.c.
CVSS3: 4.5
nvd
9 месяцев назад
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from spv_read_xml_member) in zip-reader.c.
CVSS3: 4.5
github
9 месяцев назад
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from spv_read_xml_member) in zip-reader.c.