Psa

**Name of the Vulnerable Software and Affected Versions** GSL (GNU Scientific Library) versions 2.5 and 2.6 **Description** A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL. Processing a maliciously crafted input data for `gsl stats quantile from sorted data` of the library may lead to unexpected application termination or arbitrary code execution. The issue is related to a buffer copying vulnerability without input validation, which can be exploited by a remote attacker to cause a denial of service. **Recommendations** For GSL (GNU Scientific Library) versions 2.5 and 2.6, consider disabling the `gsl stats quantile from sorted data` function until a patch is available to prevent potential exploitation. Restrict access to the Statistics Library to minimize the risk of arbitrary code execution. Avoid using the `gsl stats quantile from sorted data` function with untrusted input data until the issue is resolved.