Lucene search

Gnuplot Security Vulnerabilities

cve

CVE-2017-9670

An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact when a victim opens a specially crafted file.

7.8CVSS

7.9AI Score

0.001EPSS

2017-06-15 01:29 PM

cve

CVE-2020-25412

com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strncpy() that may lead to arbitrary code execution.

9.8CVSS

9.6AI Score

0.011EPSS

2020-09-16 02:15 PM

cve

CVE-2020-25559

gnuplot 5.5 is affected by double free when executing print_set_output. This may result in context-dependent arbitrary code execution.

7.8CVSS

7.8AI Score

0.001EPSS

2020-09-16 01:15 PM

121

cve

CVE-2020-25969

gnuplot v5.5 was discovered to contain a buffer overflow via the function plotrequest().

9.8CVSS

9.7AI Score

0.002EPSS

2023-07-05 05:15 PM

cve

CVE-2021-29369

The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands.

9.8CVSS

9.6AI Score

0.004EPSS

2021-05-03 12:15 PM