Cloud Vulnerability DB
An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues
Vulnerability DatabaseCVE-2025-5898
CVE-2025-5898:
Linux Debian vulnerability analysis and mitigation
Overview
A critical vulnerability has been discovered in GNU PSPP version 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. The vulnerability affects the parsevariablesoption function in the utilities/pspp-convert.c file. This security issue was disclosed on June 9, 2025, and involves an out-of-bounds write vulnerability that requires local access to exploit (VulDB).
Technical details
The vulnerability is classified as an out-of-bounds write issue in the parsevariablesoption function within utilities/pspp-convert.c. It has received a CVSS 4.0 score of 4.8 (Medium) with the vector string CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P. The vulnerability is also associated with CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-787 (Out-of-bounds Write) (NVD).
Impact
The vulnerability can lead to out-of-bounds write operations, potentially resulting in memory corruption. The impact is considered medium severity, with potential consequences affecting the confidentiality, integrity, and availability of the system, though all at low levels according to the CVSS metrics (VulDB).
Additional resources
Source: This report was generated using AI
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Get a personalized demo
Ready to see Wiz in action?
“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
David EstlickCISO
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Greg PoniatowskiHead of Threat and Vulnerability Management