libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service (var_set_leave_quiet assertion failure and application exit) via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code.
Metrics
Affected Vendors & Products
References
| Link | Providers |
|---|---|
| https://savannah.gnu.org/bugs/?67049 |
|
History
Fri, 18 Jul 2025 16:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Gnu
Gnu pspp |
|
| CPEs | cpe:2.3:a:gnu:pspp:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Gnu
Gnu pspp |
Mon, 05 May 2025 16:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Sat, 03 May 2025 03:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service (var_set_leave_quiet assertion failure and application exit) via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code. | |
| Weaknesses | CWE-617 | |
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2025-05-03T00:00:00.000Z
Updated: 2025-05-05T16:07:25.818Z
Reserved: 2025-05-03T00:00:00.000Z
Link: CVE-2025-47229
Vulnrichment
Updated: 2025-05-05T16:07:20.515Z
NVD
Status : Analyzed
Published: 2025-05-03T03:15:28.183
Modified: 2025-07-18T15:54:13.770
Link: CVE-2025-47229
Redhat
No data.