CVE-2025-48188 – GNU PSPP libpspp-core.a Heap-Based Buffer Over-Read

CVE ID : CVE-2025-48188

Published : May 16, 2025, 9:15 p.m. | 1 hour, 45 minutes ago

Description : libpspp-core.a in GNU PSPP through 2.0.1 has an incorrect call from fill_buffer (in data/encrypted-file.c) to the Gnulib rijndaelDecrypt function, leading to a heap-based buffer over-read.

Severity: 2.9 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…