CVE-2025-47815

Published May 10, 2025

Last updated a month ago

CVSS medium 4.5

Overview

Description: libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from zip_member_read_all) in zip-reader.c.
Source: cve@mitre.org
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Secondary
Base score: 4.5
Impact score: 2.7
Exploitability score: 1.4
Vector string: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L
Severity: MEDIUM

Weaknesses

cve@mitre.org: CWE-122

Hype score: Not currently trending

CVE-2025-47815 libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from zip_member_read_all) in zip-re… https://t.co/QXRjqeWa7w
@CVEnew
10 May 2025
820 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

References

Sources include official advisories and independent security research.