These may be current. They can affect you if you are in the habit of downloading data files from sites you don't trust. On the other hand, I don't think that these sites that publish vulnerabilities ever check whether their claims of vulnerability are still true, or even that they were originally true.
On Thu, Sep 25, 2025 at 5:05 AM abi <[email protected]> wrote: > Hi team, > > 5 vulnerabilities are listed in the CVE site for product PSPP (GNU Pspp > version 2.0.1 : Security vulnerabilities, CVEs > <https://www.cvedetails.com/vulnerability-list/vendor_id-72/product_id-38732/version_id-1993646/GNU-Pspp-2.0.1.html> > ). > 1) Does this mean the current version of PSPP ie 2.0.1 is affected by > these vulnerabilities ? > 2) Also, could you please advise if the method we followed above (- > checking the vulnerability site -) is the correct way to identify open > vulnerabilities for this product? > > Regards > Laiju >
