DOS in GNU PSPP <2.0.1 via libpspp-core.a (var_set_leave_quiet Assertion)
CVE-2025-47229 Published on May 3, 2025
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service (var_set_leave_quiet assertion failure and application exit) via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code.
Weakness Type
What is an assertion failure Vulnerability?
The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
CVE-2025-47229 has been classified to as an assertion failure vulnerability or weakness.
Products Associated with CVE-2025-47229
Want to know whenever a new CVE is published for GNU Pspp? stack.watch will email you.
Affected Versions
GNU PSPP:- Before and including 2.0.1 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.