rpm package
opensuse/gnuplot&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/gnuplot&distro=openSUSE%20Tumbleweed
Vulnerabilities (13)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-31177 | — | < 6.0.2-3.1 | 6.0.2-3.1 | May 7, 2025 | gnuplot is affected by a heap buffer overflow at function utf8_copy_one. | ||
| CVE-2025-3359 | Med | 6.2 | < 6.0.2-3.1 | 6.0.2-3.1 | Apr 7, 2025 | A flaw was found in GNUPlot. A segmentation fault via IO_str_init_static_internal may jeopardize the environment. | |
| CVE-2025-31181 | — | < 6.0.2-3.1 | 6.0.2-3.1 | Mar 27, 2025 | A flaw was found in gnuplot. The X11_graphics() function may lead to a segmentation fault and cause a system crash. | ||
| CVE-2025-31180 | — | < 6.0.2-3.1 | 6.0.2-3.1 | Mar 27, 2025 | A flaw was found in gnuplot. The CANVAS_text() function may lead to a segmentation fault and cause a system crash. | ||
| CVE-2025-31179 | — | < 6.0.2-3.1 | 6.0.2-3.1 | Mar 27, 2025 | A flaw was found in gnuplot. The xstrftime() function may lead to a segmentation fault, causing a system crash. | ||
| CVE-2025-31178 | — | < 6.0.2-3.1 | 6.0.2-3.1 | Mar 27, 2025 | A flaw was found in gnuplot. The GetAnnotateString() function may lead to a segmentation fault and cause a system crash. | ||
| CVE-2025-31176 | — | < 6.0.2-3.1 | 6.0.2-3.1 | Mar 27, 2025 | A flaw was found in gnuplot. The plot3d_points() function may lead to a segmentation fault and cause a system crash. | ||
| CVE-2021-44917 | — | < 5.4.3-1.1 | 5.4.3-1.1 | Dec 21, 2021 | A Divide by Zero vulnerability exists in gnuplot 5.4 in the boundary3d function in graph3d.c, which could cause a Arithmetic exception and application crash. | ||
| CVE-2020-25412 | — | < 5.4.2-1.3 | 5.4.2-1.3 | Sep 16, 2020 | com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strncpy() that may lead to arbitrary code execution. | ||
| CVE-2020-25559 | — | < 5.4.2-1.3 | 5.4.2-1.3 | Sep 16, 2020 | gnuplot 5.5 is affected by double free when executing print_set_output. This may result in context-dependent arbitrary code execution. | ||
| CVE-2018-19492 | — | < 5.4.2-1.3 | 5.4.2-1.3 | Nov 23, 2018 | An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrm_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This | ||
| CVE-2018-19490 | — | < 5.4.2-1.3 | 5.4.2-1.3 | Nov 23, 2018 | An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in df_generate_ascii_array_entry. To exploit this vulnerability, an attacker must pass an overlong string as the right bo | ||
| CVE-2017-9670 | Hig | 7.8 | < 5.4.2-1.3 | 5.4.2-1.3 | Jun 15, 2017 | An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact when a victim opens a specially crafted file. |
- CVE-2025-31177May 7, 2025affected < 6.0.2-3.1fixed 6.0.2-3.1
gnuplot is affected by a heap buffer overflow at function utf8_copy_one.
- affected < 6.0.2-3.1fixed 6.0.2-3.1
A flaw was found in GNUPlot. A segmentation fault via IO_str_init_static_internal may jeopardize the environment.
- CVE-2025-31181Mar 27, 2025affected < 6.0.2-3.1fixed 6.0.2-3.1
A flaw was found in gnuplot. The X11_graphics() function may lead to a segmentation fault and cause a system crash.
- CVE-2025-31180Mar 27, 2025affected < 6.0.2-3.1fixed 6.0.2-3.1
A flaw was found in gnuplot. The CANVAS_text() function may lead to a segmentation fault and cause a system crash.
- CVE-2025-31179Mar 27, 2025affected < 6.0.2-3.1fixed 6.0.2-3.1
A flaw was found in gnuplot. The xstrftime() function may lead to a segmentation fault, causing a system crash.
- CVE-2025-31178Mar 27, 2025affected < 6.0.2-3.1fixed 6.0.2-3.1
A flaw was found in gnuplot. The GetAnnotateString() function may lead to a segmentation fault and cause a system crash.
- CVE-2025-31176Mar 27, 2025affected < 6.0.2-3.1fixed 6.0.2-3.1
A flaw was found in gnuplot. The plot3d_points() function may lead to a segmentation fault and cause a system crash.
- CVE-2021-44917Dec 21, 2021affected < 5.4.3-1.1fixed 5.4.3-1.1
A Divide by Zero vulnerability exists in gnuplot 5.4 in the boundary3d function in graph3d.c, which could cause a Arithmetic exception and application crash.
- CVE-2020-25412Sep 16, 2020affected < 5.4.2-1.3fixed 5.4.2-1.3
com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strncpy() that may lead to arbitrary code execution.
- CVE-2020-25559Sep 16, 2020affected < 5.4.2-1.3fixed 5.4.2-1.3
gnuplot 5.5 is affected by double free when executing print_set_output. This may result in context-dependent arbitrary code execution.
- CVE-2018-19492Nov 23, 2018affected < 5.4.2-1.3fixed 5.4.2-1.3
An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrm_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This
- CVE-2018-19490Nov 23, 2018affected < 5.4.2-1.3fixed 5.4.2-1.3
An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in df_generate_ascii_array_entry. To exploit this vulnerability, an attacker must pass an overlong string as the right bo
- affected < 5.4.2-1.3fixed 5.4.2-1.3
An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact when a victim opens a specially crafted file.