CVE-2025-47229

Low CVSS 2.9

Overview

libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service (var_set_leave_quiet assertion failure and application exit) via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code.

CWE: CWE-617 Published: 2025-05-03T03:15:28.183

Risk analysis

This vulnerability is rated 🟢 LOW.

CVSS: 2.9 (LOW)
Detected tags: dos (tag impact: LOW)

Recommended actions:

Rate limiting, resource quotas and circuit breakers.

Overview

Recommended tools

Tags