VYPR

rpm package

opensuse/pspp&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/pspp&distro=openSUSE%20Tumbleweed

Vulnerabilities (7)

  • CVE-2019-9211Feb 27, 2019
    affected < 1.4.1-2.3fixed 1.4.1-2.3

    There is a reachable assertion abort in the function write_long_string_missing_values() in data/sys-file-writer.c in libdata.a in GNU PSPP 1.2.0 that will lead to denial of service.

  • CVE-2018-20230Dec 19, 2018
    affected < 1.4.1-2.3fixed 1.4.1-2.3

    An issue was discovered in PSPP 1.2.0. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

  • CVE-2017-12961HigAug 18, 2017
    affected < 1.4.1-2.3fixed 1.4.1-2.3

    There is an assertion abort in the function parse_attributes() in data/sys-file-reader.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service.

  • CVE-2017-12959HigAug 18, 2017
    affected < 1.4.1-2.3fixed 1.4.1-2.3

    There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack.

  • CVE-2017-12958HigAug 18, 2017
    affected < 1.4.1-2.3fixed 1.4.1-2.3

    There is an illegal address access in the function output_hex() in data/data-out.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service.

  • CVE-2017-10792MedJul 2, 2017
    affected < 1.4.1-2.3fixed 1.4.1-2.3

    There is a NULL Pointer Dereference in the function ll_insert() of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial o

  • CVE-2017-10791MedJul 2, 2017
    affected < 1.4.1-2.3fixed 1.4.1-2.3

    There is an Integer overflow in the hash_int function of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service