Home > Vulnerability Database > CVE-2025-5001

Mend.io Vulnerability Database

CVE-2025-5001

Date: May 20, 2025

A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. It has been declared as problematic. This vulnerability affects the function calloc of the file pspp-convert.c. The manipulation of the argument -l leads to integer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.

Severity Score

3.3

Related Resources (8)

Url: https://vuldb.com/?ctiid.309652

Url: https://drive.google.com/file/d/12IIt8eR591Z8O1ABOCkT_jdXSWaBxMZx/view?usp=drive_link

Url: https://vuldb.com/?id.309652

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-5001

Url: https://savannah.gnu.org/bugs/index.php?67069

Url: https://vuldb.com/?submit.569966

Url: https://www.gnu.org/

Url: https://www.mend.io/vulnerability-database/CVE-2025-5001

Severity Score

3.3

Weakness Type (CWE)

Integer Overflow or Wraparound

CWE-190

Numeric Errors

CWE-189

CVSS v3.1

Base Score:	3.3
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

CVSS v2

Base Score:	1.7
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	SINGLE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2025-5001

Date: May 20, 2025

Severity Score

Related Resources (8)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?