CVE-2020-25969: Classic Buffer Overflow in Gnuplot

Severity
NVD: 9.8 CRITICAL
OSV: 7.8
EPSS: 0.1% (top 70.54%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products
Timeline
Published: Jul 5
Latest update: Jun 23

Description

gnuplot v5.5 was discovered to contain a buffer overflow via the function plotrequest().

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 5.9

Affected Packages (4 packages)

Source | Package | Affected versions
debian | debian/gnuplot | < gnuplot 6.0.0+dfsg1-1 (forky)
Debian | gnuplot/gnuplot | < 6.0.0+dfsg1-1+1
Ubuntu | gnuplot/gnuplot | < 4.6.4-2ubuntu0.1~esm1+3
NVD | gnuplot/gnuplot | 5.5.0

🔴 Vulnerability Details (3)

OSV: gnuplot vulnerabilities (2025-06-23)
GHSA: GHSA-8536-57cw-wqg3: gnuplot v5 (2023-07-05)
OSV: CVE-2020-25969: gnuplot v5 (2023-07-05)

📋 Vendor Advisories (3)

Ubuntu: Gnuplot vulnerabilities (2025-06-23)
Red Hat: gnuplot: buffer overflow via the function plotrequest() (2023-07-18)
Debian: CVE-2020-25969: gnuplot - gnuplot v5.5 was discovered to contain a buffer overflow via the function plotre... (2020)