GHSA-q493-98vp-6cm3

Опубликовано: 11 мая 2025

Источник: github

Github: Не прошло ревью

CVSS3: 4.5

Описание

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from spv_read_xml_member) in zip-reader.c.

Ссылки

EPSS

Процентиль: 12%

0.0004

Низкий

4.5 Medium

CVSS3

CVE ID

CVE-2025-47814

Дефекты

CWE-122

CWE-787

Связанные уязвимости

CVE-2025-47814

CVSS3: 4.5

ubuntu

около 1 месяца назад

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from spv_read_xml_member) in zip-reader.c.

CVE-2025-47814

CVSS3: 4.5

nvd

около 1 месяца назад

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from spv_read_xml_member) in zip-reader.c.

CVE-2025-47814

CVSS3: 4.5

debian

около 1 месяца назад

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a h ...

EPSS

Процентиль: 12%

0.0004

Низкий

4.5 Medium

CVSS3

CVE ID

CVE-2025-47814

Дефекты

CWE-122

CWE-787