Описание
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from spv_read_xml_member) in zip-reader.c.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| pspp | unfixed | package | ||
| pspp | no-dsa | bookworm | package | |
| pspp | postponed | bullseye | package |
Примечания
https://savannah.gnu.org/bugs/?67074
EPSS
Процентиль: 12%
0.0004
Низкий
Связанные уязвимости
CVSS3: 4.5
ubuntu
около 1 месяца назад
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from spv_read_xml_member) in zip-reader.c.
CVSS3: 4.5
nvd
около 1 месяца назад
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from spv_read_xml_member) in zip-reader.c.
CVSS3: 4.5
github
около 1 месяца назад
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from spv_read_xml_member) in zip-reader.c.
EPSS
Процентиль: 12%
0.0004
Низкий