pspp is vulnerable to Heap-Based Buffer Overflow. The vulnerability is available in the ‘read_bytes_internal’ function within ‘utilities/pspp-dump-sav.c’ . This can be exploited by a malicious attacker to cause a denial of service.
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OECANCPD4WSSBJLSC3EE472M5DXRTIS4/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VQKWIVW5WJ5ZQNNQFRKTRKD7J3LRLUYW/
lists.fedoraproject.org/archives/list/[email protected]/message/OECANCPD4WSSBJLSC3EE472M5DXRTIS4/
lists.fedoraproject.org/archives/list/[email protected]/message/VQKWIVW5WJ5ZQNNQFRKTRKD7J3LRLUYW/
savannah.gnu.org/bugs/?62977
security-tracker.debian.org/tracker/CVE-2022-39831