Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/pspp@1.6.2-2?distro=trixie
Typedeb
Namespacedebian
Namepspp
Version1.6.2-2
Qualifiers
distro trixie
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.1.0-1
Latest_non_vulnerable_version2.1.1-1
Affected_by_vulnerabilities
0
url VCID-gkd2-sy9s-v7cj
vulnerability_id VCID-gkd2-sy9s-v7cj
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-47229
reference_id
reference_type
scores
0
value 0.00028
scoring_system epss
scoring_elements 0.08459
published_at 2026-06-11T12:55:00Z
1
value 0.00028
scoring_system epss
scoring_elements 0.08497
published_at 2026-06-12T12:55:00Z
2
value 0.00102
scoring_system epss
scoring_elements 0.27721
published_at 2026-06-14T12:55:00Z
3
value 0.00102
scoring_system epss
scoring_elements 0.27732
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-47229
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47229
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47229
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104636
reference_id 1104636
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104636
4
reference_url https://savannah.gnu.org/bugs/?67049
reference_id ?67049
reference_type
scores
0
value 2.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-05T16:04:53Z/
url https://savannah.gnu.org/bugs/?67049
fixed_packages
0
url pkg:deb/debian/pspp@2.1.0-1?distro=trixie
purl pkg:deb/debian/pspp@2.1.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.1.0-1%3Fdistro=trixie
1
url pkg:deb/debian/pspp@2.1.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.1.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.1.1-1%3Fdistro=trixie
aliases CVE-2025-47229
risk_score 0.7
exploitability 0.5
weighted_severity 1.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gkd2-sy9s-v7cj
Fixing_vulnerabilities
0
url VCID-2eks-dnfj-nkg5
vulnerability_id VCID-2eks-dnfj-nkg5
summary There is a reachable assertion abort in the function dict_rename_var() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12960
reference_id
reference_type
scores
0
value 0.00157
scoring_system epss
scoring_elements 0.36313
published_at 2026-06-11T12:55:00Z
1
value 0.00157
scoring_system epss
scoring_elements 0.36494
published_at 2026-06-12T12:55:00Z
2
value 0.00157
scoring_system epss
scoring_elements 0.36519
published_at 2026-06-13T12:55:00Z
3
value 0.00157
scoring_system epss
scoring_elements 0.36508
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12960
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12960
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12960
fixed_packages
0
url pkg:deb/debian/pspp@1.0.1-1?distro=trixie
purl pkg:deb/debian/pspp@1.0.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.0.1-1%3Fdistro=trixie
1
url pkg:deb/debian/pspp@1.4.1-1?distro=trixie
purl pkg:deb/debian/pspp@1.4.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cjmm-487d-zkht
1
vulnerability VCID-dqha-bxsx-fbcn
2
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.4.1-1%3Fdistro=trixie
2
url pkg:deb/debian/pspp@1.6.2-2?distro=trixie
purl pkg:deb/debian/pspp@1.6.2-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.6.2-2%3Fdistro=trixie
3
url pkg:deb/debian/pspp@2.0.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.0.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.0.1-1%3Fdistro=trixie
4
url pkg:deb/debian/pspp@2.1.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.1.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.1.1-1%3Fdistro=trixie
aliases CVE-2017-12960
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2eks-dnfj-nkg5
1
url VCID-59a6-whqa-c7f3
vulnerability_id VCID-59a6-whqa-c7f3
summary There is a NULL Pointer Dereference in the function ll_insert() of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-10792
reference_id
reference_type
scores
0
value 0.00472
scoring_system epss
scoring_elements 0.65093
published_at 2026-06-11T12:55:00Z
1
value 0.00472
scoring_system epss
scoring_elements 0.65194
published_at 2026-06-12T12:55:00Z
2
value 0.00472
scoring_system epss
scoring_elements 0.65204
published_at 2026-06-13T12:55:00Z
3
value 0.00472
scoring_system epss
scoring_elements 0.65202
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-10792
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10792
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10792
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866890
reference_id 866890
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866890
fixed_packages
0
url pkg:deb/debian/pspp@1.0.0-1?distro=trixie
purl pkg:deb/debian/pspp@1.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.0.0-1%3Fdistro=trixie
1
url pkg:deb/debian/pspp@1.4.1-1?distro=trixie
purl pkg:deb/debian/pspp@1.4.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cjmm-487d-zkht
1
vulnerability VCID-dqha-bxsx-fbcn
2
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.4.1-1%3Fdistro=trixie
2
url pkg:deb/debian/pspp@1.6.2-2?distro=trixie
purl pkg:deb/debian/pspp@1.6.2-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.6.2-2%3Fdistro=trixie
3
url pkg:deb/debian/pspp@2.0.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.0.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.0.1-1%3Fdistro=trixie
4
url pkg:deb/debian/pspp@2.1.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.1.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.1.1-1%3Fdistro=trixie
aliases CVE-2017-10792
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-59a6-whqa-c7f3
2
url VCID-5zsx-ant3-4kdw
vulnerability_id VCID-5zsx-ant3-4kdw
summary There is an illegal address access in the function output_hex() in data/data-out.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12958
reference_id
reference_type
scores
0
value 0.0027
scoring_system epss
scoring_elements 0.50781
published_at 2026-06-11T12:55:00Z
1
value 0.0027
scoring_system epss
scoring_elements 0.50914
published_at 2026-06-12T12:55:00Z
2
value 0.0027
scoring_system epss
scoring_elements 0.50931
published_at 2026-06-13T12:55:00Z
3
value 0.0027
scoring_system epss
scoring_elements 0.50918
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12958
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12958
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12958
fixed_packages
0
url pkg:deb/debian/pspp@1.0.1-1?distro=trixie
purl pkg:deb/debian/pspp@1.0.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.0.1-1%3Fdistro=trixie
1
url pkg:deb/debian/pspp@1.4.1-1?distro=trixie
purl pkg:deb/debian/pspp@1.4.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cjmm-487d-zkht
1
vulnerability VCID-dqha-bxsx-fbcn
2
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.4.1-1%3Fdistro=trixie
2
url pkg:deb/debian/pspp@1.6.2-2?distro=trixie
purl pkg:deb/debian/pspp@1.6.2-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.6.2-2%3Fdistro=trixie
3
url pkg:deb/debian/pspp@2.0.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.0.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.0.1-1%3Fdistro=trixie
4
url pkg:deb/debian/pspp@2.1.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.1.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.1.1-1%3Fdistro=trixie
aliases CVE-2017-12958
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5zsx-ant3-4kdw
3
url VCID-btdj-quxs-5khg
vulnerability_id VCID-btdj-quxs-5khg
summary There is a reachable assertion abort in the function dict_add_mrset() in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12959
reference_id
reference_type
scores
0
value 0.00157
scoring_system epss
scoring_elements 0.36313
published_at 2026-06-11T12:55:00Z
1
value 0.00157
scoring_system epss
scoring_elements 0.36494
published_at 2026-06-12T12:55:00Z
2
value 0.00157
scoring_system epss
scoring_elements 0.36519
published_at 2026-06-13T12:55:00Z
3
value 0.00157
scoring_system epss
scoring_elements 0.36508
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12959
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12959
fixed_packages
0
url pkg:deb/debian/pspp@1.0.1-1?distro=trixie
purl pkg:deb/debian/pspp@1.0.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.0.1-1%3Fdistro=trixie
1
url pkg:deb/debian/pspp@1.4.1-1?distro=trixie
purl pkg:deb/debian/pspp@1.4.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cjmm-487d-zkht
1
vulnerability VCID-dqha-bxsx-fbcn
2
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.4.1-1%3Fdistro=trixie
2
url pkg:deb/debian/pspp@1.6.2-2?distro=trixie
purl pkg:deb/debian/pspp@1.6.2-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.6.2-2%3Fdistro=trixie
3
url pkg:deb/debian/pspp@2.0.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.0.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.0.1-1%3Fdistro=trixie
4
url pkg:deb/debian/pspp@2.1.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.1.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.1.1-1%3Fdistro=trixie
aliases CVE-2017-12959
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-btdj-quxs-5khg
4
url VCID-cjmm-487d-zkht
vulnerability_id VCID-cjmm-487d-zkht
summary An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact. This issue is different from CVE-2018-20230.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-39831
reference_id
reference_type
scores
0
value 0.00067
scoring_system epss
scoring_elements 0.20962
published_at 2026-06-11T12:55:00Z
1
value 0.00067
scoring_system epss
scoring_elements 0.21138
published_at 2026-06-12T12:55:00Z
2
value 0.00067
scoring_system epss
scoring_elements 0.21157
published_at 2026-06-13T12:55:00Z
3
value 0.00067
scoring_system epss
scoring_elements 0.21139
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-39831
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39831
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39831
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019597
reference_id 1019597
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019597
fixed_packages
0
url pkg:deb/debian/pspp@1.6.2-2?distro=trixie
purl pkg:deb/debian/pspp@1.6.2-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.6.2-2%3Fdistro=trixie
1
url pkg:deb/debian/pspp@2.0.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.0.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.0.1-1%3Fdistro=trixie
2
url pkg:deb/debian/pspp@2.1.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.1.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.1.1-1%3Fdistro=trixie
aliases CVE-2022-39831
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cjmm-487d-zkht
5
url VCID-dqha-bxsx-fbcn
vulnerability_id VCID-dqha-bxsx-fbcn
summary An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_string in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-39832
reference_id
reference_type
scores
0
value 0.00067
scoring_system epss
scoring_elements 0.20962
published_at 2026-06-11T12:55:00Z
1
value 0.00067
scoring_system epss
scoring_elements 0.21138
published_at 2026-06-12T12:55:00Z
2
value 0.00067
scoring_system epss
scoring_elements 0.21157
published_at 2026-06-13T12:55:00Z
3
value 0.00067
scoring_system epss
scoring_elements 0.21139
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-39832
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39832
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39832
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019598
reference_id 1019598
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019598
fixed_packages
0
url pkg:deb/debian/pspp@1.6.2-2?distro=trixie
purl pkg:deb/debian/pspp@1.6.2-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.6.2-2%3Fdistro=trixie
1
url pkg:deb/debian/pspp@2.0.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.0.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.0.1-1%3Fdistro=trixie
2
url pkg:deb/debian/pspp@2.1.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.1.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.1.1-1%3Fdistro=trixie
aliases CVE-2022-39832
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dqha-bxsx-fbcn
6
url VCID-k2a7-8a8a-cqhj
vulnerability_id VCID-k2a7-8a8a-cqhj
summary An issue was discovered in PSPP 1.2.0. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20230
reference_id
reference_type
scores
0
value 0.00156
scoring_system epss
scoring_elements 0.36086
published_at 2026-06-11T12:55:00Z
1
value 0.00156
scoring_system epss
scoring_elements 0.36265
published_at 2026-06-12T12:55:00Z
2
value 0.00156
scoring_system epss
scoring_elements 0.36288
published_at 2026-06-13T12:55:00Z
3
value 0.00156
scoring_system epss
scoring_elements 0.36276
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20230
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20230
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20230
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916902
reference_id 916902
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916902
fixed_packages
0
url pkg:deb/debian/pspp@1.2.0-3?distro=trixie
purl pkg:deb/debian/pspp@1.2.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.2.0-3%3Fdistro=trixie
1
url pkg:deb/debian/pspp@1.4.1-1?distro=trixie
purl pkg:deb/debian/pspp@1.4.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cjmm-487d-zkht
1
vulnerability VCID-dqha-bxsx-fbcn
2
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.4.1-1%3Fdistro=trixie
2
url pkg:deb/debian/pspp@1.6.2-2?distro=trixie
purl pkg:deb/debian/pspp@1.6.2-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.6.2-2%3Fdistro=trixie
3
url pkg:deb/debian/pspp@2.0.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.0.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.0.1-1%3Fdistro=trixie
4
url pkg:deb/debian/pspp@2.1.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.1.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.1.1-1%3Fdistro=trixie
aliases CVE-2018-20230
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k2a7-8a8a-cqhj
7
url VCID-nvd8-ujj3-zbfh
vulnerability_id VCID-nvd8-ujj3-zbfh
summary There is a reachable assertion abort in the function write_long_string_missing_values() in data/sys-file-writer.c in libdata.a in GNU PSPP 1.2.0 that will lead to denial of service.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9211
reference_id
reference_type
scores
0
value 0.00498
scoring_system epss
scoring_elements 0.66323
published_at 2026-06-11T12:55:00Z
1
value 0.00498
scoring_system epss
scoring_elements 0.66417
published_at 2026-06-12T12:55:00Z
2
value 0.00498
scoring_system epss
scoring_elements 0.66431
published_at 2026-06-13T12:55:00Z
3
value 0.00498
scoring_system epss
scoring_elements 0.66428
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9211
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9211
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9211
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923417
reference_id 923417
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923417
fixed_packages
0
url pkg:deb/debian/pspp@1.2.0-4?distro=trixie
purl pkg:deb/debian/pspp@1.2.0-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.2.0-4%3Fdistro=trixie
1
url pkg:deb/debian/pspp@1.4.1-1?distro=trixie
purl pkg:deb/debian/pspp@1.4.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cjmm-487d-zkht
1
vulnerability VCID-dqha-bxsx-fbcn
2
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.4.1-1%3Fdistro=trixie
2
url pkg:deb/debian/pspp@1.6.2-2?distro=trixie
purl pkg:deb/debian/pspp@1.6.2-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.6.2-2%3Fdistro=trixie
3
url pkg:deb/debian/pspp@2.0.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.0.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.0.1-1%3Fdistro=trixie
4
url pkg:deb/debian/pspp@2.1.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.1.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.1.1-1%3Fdistro=trixie
aliases CVE-2019-9211
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nvd8-ujj3-zbfh
8
url VCID-pyzf-8qya-xuax
vulnerability_id VCID-pyzf-8qya-xuax
summary There is an Integer overflow in the hash_int function of the libpspp library in GNU PSPP before 0.11.0. For example, a crash was observed within the library code when attempting to convert invalid SPSS data into CSV format. A crafted input will lead to a remote denial of service attack.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-10791
reference_id
reference_type
scores
0
value 0.00339
scoring_system epss
scoring_elements 0.5703
published_at 2026-06-11T12:55:00Z
1
value 0.00339
scoring_system epss
scoring_elements 0.5715
published_at 2026-06-12T12:55:00Z
2
value 0.00339
scoring_system epss
scoring_elements 0.57164
published_at 2026-06-13T12:55:00Z
3
value 0.00339
scoring_system epss
scoring_elements 0.57156
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-10791
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10791
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10791
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866890
reference_id 866890
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866890
fixed_packages
0
url pkg:deb/debian/pspp@1.0.0-1?distro=trixie
purl pkg:deb/debian/pspp@1.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.0.0-1%3Fdistro=trixie
1
url pkg:deb/debian/pspp@1.4.1-1?distro=trixie
purl pkg:deb/debian/pspp@1.4.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cjmm-487d-zkht
1
vulnerability VCID-dqha-bxsx-fbcn
2
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.4.1-1%3Fdistro=trixie
2
url pkg:deb/debian/pspp@1.6.2-2?distro=trixie
purl pkg:deb/debian/pspp@1.6.2-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.6.2-2%3Fdistro=trixie
3
url pkg:deb/debian/pspp@2.0.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.0.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.0.1-1%3Fdistro=trixie
4
url pkg:deb/debian/pspp@2.1.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.1.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.1.1-1%3Fdistro=trixie
aliases CVE-2017-10791
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pyzf-8qya-xuax
9
url VCID-zy9x-vxww-ruak
vulnerability_id VCID-zy9x-vxww-ruak
summary There is an assertion abort in the function parse_attributes() in data/sys-file-reader.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to remote denial of service.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12961
reference_id
reference_type
scores
0
value 0.0027
scoring_system epss
scoring_elements 0.50781
published_at 2026-06-11T12:55:00Z
1
value 0.0027
scoring_system epss
scoring_elements 0.50914
published_at 2026-06-12T12:55:00Z
2
value 0.0027
scoring_system epss
scoring_elements 0.50931
published_at 2026-06-13T12:55:00Z
3
value 0.0027
scoring_system epss
scoring_elements 0.50918
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12961
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12961
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12961
fixed_packages
0
url pkg:deb/debian/pspp@1.0.1-1?distro=trixie
purl pkg:deb/debian/pspp@1.0.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.0.1-1%3Fdistro=trixie
1
url pkg:deb/debian/pspp@1.4.1-1?distro=trixie
purl pkg:deb/debian/pspp@1.4.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-cjmm-487d-zkht
1
vulnerability VCID-dqha-bxsx-fbcn
2
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.4.1-1%3Fdistro=trixie
2
url pkg:deb/debian/pspp@1.6.2-2?distro=trixie
purl pkg:deb/debian/pspp@1.6.2-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.6.2-2%3Fdistro=trixie
3
url pkg:deb/debian/pspp@2.0.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.0.1-1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gkd2-sy9s-v7cj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.0.1-1%3Fdistro=trixie
4
url pkg:deb/debian/pspp@2.1.1-1?distro=trixie
purl pkg:deb/debian/pspp@2.1.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@2.1.1-1%3Fdistro=trixie
aliases CVE-2017-12961
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zy9x-vxww-ruak
Risk_score0.7
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/pspp@1.6.2-2%3Fdistro=trixie