libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from zip_member_read_all) in zip-reader.c.
{ "urgency": "not yet assigned" }