CVE-2025-47815

Sažetak

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from zip_member_read_all) in zip-reader.c.

Reference

https://savannah.gnu.org/bugs/?67075
https://savannah.gnu.org/bugs/?67075

CVSS

Base:	4.5
Impact:	2.7
Exploitability:	1.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	LOW	LOW

CVSS vektor

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:L

Zadnje važnije ažuriranje

12-06-2025 - 16:13

Objavljeno

10-05-2025 - 22:15