CVE-2025-47229

Name of the Vulnerable Software and Affected Versions GNU PSPP versions through 2.0.1

Description The issue allows attackers to cause a denial of service, resulting in an application exit, via crafted input data. This can be triggered by specific data that causes a call from the src/data/dictionary.c code into the src/data/variable.c code, leading to a var set leave quiet assertion failure.

Recommendations For GNU PSPP versions through 2.0.1, consider avoiding the use of crafted input data that may trigger the denial of service until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.