Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2025-48188
CVE-2025-48188:
NixOS vulnerability analysis and mitigation
Overview
libpspp-core.a in GNU PSPP through 2.0.1 contains a heap-based buffer over-read vulnerability. The issue stems from an incorrect call from fill_buffer function in data/encrypted-file.c to the Gnulib rijndaelDecrypt function (NVD).
Technical details
The vulnerability is classified as a heap-based buffer over-read (CWE-125). The CVSS v3.1 base score is 2.9 (LOW) with the following vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L. The vulnerability specifically affects the fill_buffer function in the data/encrypted-file.c component when making calls to the Gnulib rijndaelDecrypt function (NVD, Wiz).
Impact
The vulnerability has a low severity impact with no effect on confidentiality or integrity, but a low impact on availability. The heap-based buffer over-read could potentially lead to information disclosure or program crashes (Wiz).
Mitigation and workarounds
A bug report has been filed in the GNU Savannah bug tracker. Users should monitor for updates and patches from the GNU PSPP project (GNU Savannah).
Additional resources
Source: This report was generated using AI
Related NixOS vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management