CVE-2018-19492: Improper Restriction of Operations within the Bounds of a Memory Buffer in Gnuplot

Severity: 7.8 HIGH (NVD)
EPSS: 0.2% (top 55.14%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Nov 23; Latest update Jun 23

Description

An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrm_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot pngcairo terminal is used as a backend.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H (Exploitability: 1.8 | Impact: 5.9)

Affected Packages (5 packages)

Source    Package            Affected versions
debian    debian/gnuplot     < gnuplot 5.4.0+dfsg1-1 (bookworm)
Debian    gnuplot/gnuplot    < 5.4.0+dfsg1-1+3
Ubuntu    gnuplot/gnuplot    < 4.6.6-3ubuntu0.1+4
NVD       gnuplot/gnuplot    5.2.5
NVD       opensuse/leap      15.0

Also affects: Debian Linux 8.0

Patches

Vulnerability Details (4)

OSV: gnuplot vulnerabilities (2025-06-23)
GHSA: GHSA-vfqh-j3mg-95c7: An issue was discovered in cairo (2022-05-13)
OSV: gnuplot vulnerabilities (2020-09-25)
OSV: CVE-2018-19492: An issue was discovered in cairo (2018-11-23)

Vendor Advisories (4)

Ubuntu: Gnuplot vulnerabilities (2025-06-23)
Ubuntu: Gnuplot vulnerabilities (2020-09-25)
Red Hat: gnuplot: buffer overflow in cairotrm_options function (2018-11-19)
Debian: CVE-2018-19492: gnuplot - An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an atta... (2018)

Community (3)

Bugzilla: CVE-2018-19492 gnuplot: buffer overflow in cairotrm_options function [fedora-all] (2018-12-04)
Bugzilla: CVE-2018-19492 gnuplot44: gnuplot: buffer overflow in cairotrm_options function [epel-6] (2018-12-04)
Bugzilla: CVE-2018-19492 gnuplot: buffer overflow in cairotrm_options function (2018-12-04)
CVE-2018-19492 — Debian Gnuplot vulnerability | cvebase