Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Pspp
(Gnu)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 10 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-09-05 | CVE-2022-39832 | An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_string in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | Fedora, Pspp | 7.8 | ||
| 2022-09-05 | CVE-2022-39831 | An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact. This issue is different from CVE-2018-20230. | Fedora, Pspp | 7.8 | ||
| 2019-02-27 | CVE-2019-9211 | There is a reachable assertion abort in the function write_long_string_missing_values() in data/sys-file-writer.c in libdata.a in GNU PSPP 1.2.0 that will lead to denial of service. | Fedora, Pspp, Backports | 6.5 | ||
| 2018-12-19 | CVE-2018-20230 | An issue was discovered in PSPP 1.2.0. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | Pspp | 7.8 | ||
| 2017-08-18 | CVE-2017-12960 | There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service. | Pspp | 7.5 | ||
| 2017-08-18 | CVE-2017-12959 | There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack. | Pspp | 7.5 | ||
| 2017-08-18 | CVE-2017-12961 | There is an assertion abort in the function parse_attributes() in data/sys-file-reader.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service. | Pspp | 7.5 | ||
| 2017-08-18 | CVE-2017-12958 | There is an illegal address access in the function output_hex() in data/data-out.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service. | Pspp | 7.5 | ||
| 2017-07-02 | CVE-2017-10792 | There is a NULL Pointer Dereference in the function ll_insert() of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack. | Pspp | 6.5 | ||
| 2017-07-02 | CVE-2017-10791 | There is an Integer overflow in the hash_int function of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack. | Pspp | 6.5 |