pspp is vulnerable to Out-of-bounds Write. The vulnerability is cause by a heap-base buffer overflow in ‘read_string’ within ‘utilities/pspp-dump-sav.c’. This could allow a malicious attacker to cause a denial of service or other impact.
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OECANCPD4WSSBJLSC3EE472M5DXRTIS4/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VQKWIVW5WJ5ZQNNQFRKTRKD7J3LRLUYW/
lists.fedoraproject.org/archives/list/[email protected]/message/OECANCPD4WSSBJLSC3EE472M5DXRTIS4/
lists.fedoraproject.org/archives/list/[email protected]/message/VQKWIVW5WJ5ZQNNQFRKTRKD7J3LRLUYW/
savannah.gnu.org/bugs/index.php?63000
security-tracker.debian.org/tracker/CVE-2022-39832