{"id":"USN-7773-1","summary":"gnuplot vulnerabilities","details":"ChenYiFan Liu discovered that Gnuplot did not correctly handle certain\nmemory operations. An attacker could possibly use this issue to cause a\ndenial of service. (CVE-2025-3359, CVE-2025-31178, CVE-2025-31179,\nCVE-2025-31181)\n\nChenYiFan Liu discovered that Gnuplot did not correctly handle certain\nmemory operations. An attacker could possibly use this issue to cause a\ndenial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04\nLTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, Ubuntu 25.04. (CVE-2025-31176,\nCVE-2025-31180)\n\nChenYiFan Liu discovered that Gnuplot did not correctly handle certain\nmemory operations. An attacker could possibly use this issue to execute\narbitrary code or cause a denial of service. This issue only affected\nUbuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS,\nUbuntu 25.04. (CVE-2025-31177)","modified":"2026-04-24T10:05:10.614759Z","published":"2025-09-25T00:56:42Z","related":["UBUNTU-CVE-2025-31176","UBUNTU-CVE-2025-31177","UBUNTU-CVE-2025-31178","UBUNTU-CVE-2025-31179","UBUNTU-CVE-2025-31180","UBUNTU-CVE-2025-31181","UBUNTU-CVE-2025-3359"],"upstream":["CVE-2025-31176","CVE-2025-31177","CVE-2025-31178","CVE-2025-31179","CVE-2025-31180","CVE-2025-31181","CVE-2025-3359","UBUNTU-CVE-2025-31176","UBUNTU-CVE-2025-31177","UBUNTU-CVE-2025-31178","UBUNTU-CVE-2025-31179","UBUNTU-CVE-2025-31180","UBUNTU-CVE-2025-31181","UBUNTU-CVE-2025-3359"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7773-1"}],"affected":[{"package":{"name":"gnuplot","ecosystem":"Ubuntu:Pro:14.04:LTS","purl":"pkg:deb/ubuntu/gnuplot@4.6.4-2ubuntu0.1~esm2?arch=source&distro=esm-infra-legacy/trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.6.4-2ubuntu0.1~esm2"}]}],"versions":["4.6.3-2","4.6.4-1","4.6.4-2","4.6.4-2ubuntu0.1~esm1"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro","binaries":[{"binary_name":"gnuplot","binary_version":"4.6.4-2ubuntu0.1~esm2"},{"binary_name":"gnuplot-nox","binary_version":"4.6.4-2ubuntu0.1~esm2"},{"binary_name":"gnuplot-qt","binary_version":"4.6.4-2ubuntu0.1~esm2"},{"binary_name":"gnuplot-x11","binary_version":"4.6.4-2ubuntu0.1~esm2"}]},"database_specific":{"cves_map":{"cves":[],"ecosystem":"Ubuntu:Pro:14.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7773-1.json"}},{"package":{"name":"gnuplot","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/gnuplot@4.6.6-3ubuntu0.1+esm2?arch=source&distro=esm-apps/xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.6.6-3ubuntu0.1+esm2"}]}],"versions":["4.6.6-2","4.6.6-3","4.6.6-3ubuntu0.1","4.6.6-3ubuntu0.1+esm1"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_name":"gnuplot","binary_version":"4.6.6-3ubuntu0.1+esm2"},{"binary_name":"gnuplot-data","binary_version":"4.6.6-3ubuntu0.1+esm2"},{"binary_name":"gnuplot-nox","binary_version":"4.6.6-3ubuntu0.1+esm2"},{"binary_name":"gnuplot-qt","binary_version":"4.6.6-3ubuntu0.1+esm2"},{"binary_name":"gnuplot-tex","binary_version":"4.6.6-3ubuntu0.1+esm2"},{"binary_name":"gnuplot-x11","binary_version":"4.6.6-3ubuntu0.1+esm2"}]},"database_specific":{"cves_map":{"cves":[],"ecosystem":"Ubuntu:Pro:16.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7773-1.json"}},{"package":{"name":"gnuplot","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/gnuplot@5.2.2+dfsg1-2ubuntu1+esm2?arch=source&distro=esm-apps/bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.2.2+dfsg1-2ubuntu1+esm2"}]}],"versions":["5.0.7+dfsg1-1","5.2.2+dfsg1-2","5.2.2+dfsg1-2ubuntu1","5.2.2+dfsg1-2ubuntu1+esm1"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_name":"gnuplot","binary_version":"5.2.2+dfsg1-2ubuntu1+esm2"},{"binary_name":"gnuplot-data","binary_version":"5.2.2+dfsg1-2ubuntu1+esm2"},{"binary_name":"gnuplot-nox","binary_version":"5.2.2+dfsg1-2ubuntu1+esm2"},{"binary_name":"gnuplot-qt","binary_version":"5.2.2+dfsg1-2ubuntu1+esm2"},{"binary_name":"gnuplot-x11","binary_version":"5.2.2+dfsg1-2ubuntu1+esm2"}]},"database_specific":{"cves_map":{"cves":[],"ecosystem":"Ubuntu:Pro:18.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7773-1.json"}},{"package":{"name":"gnuplot","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/gnuplot@5.2.8+dfsg1-2ubuntu0.1~esm2?arch=source&distro=esm-apps/focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.2.8+dfsg1-2ubuntu0.1~esm2"}]}],"versions":["5.2.6+dfsg1-2","5.2.7+dfsg1-6","5.2.8+dfsg1-1","5.2.8+dfsg1-2","5.2.8+dfsg1-2ubuntu0.1~esm1"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_name":"gnuplot","binary_version":"5.2.8+dfsg1-2ubuntu0.1~esm2"},{"binary_name":"gnuplot-data","binary_version":"5.2.8+dfsg1-2ubuntu0.1~esm2"},{"binary_name":"gnuplot-nox","binary_version":"5.2.8+dfsg1-2ubuntu0.1~esm2"},{"binary_name":"gnuplot-qt","binary_version":"5.2.8+dfsg1-2ubuntu0.1~esm2"},{"binary_name":"gnuplot-x11","binary_version":"5.2.8+dfsg1-2ubuntu0.1~esm2"}]},"database_specific":{"cves_map":{"cves":[],"ecosystem":"Ubuntu:Pro:20.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7773-1.json"}},{"package":{"name":"gnuplot","ecosystem":"Ubuntu:Pro:22.04:LTS","purl":"pkg:deb/ubuntu/gnuplot@5.4.2+dfsg2-2ubuntu0.1~esm1?arch=source&distro=esm-apps/jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.2+dfsg2-2ubuntu0.1~esm1"}]}],"versions":["5.4.1+dfsg1-1","5.4.2+dfsg2-1","5.4.2+dfsg2-2"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_name":"gnuplot","binary_version":"5.4.2+dfsg2-2ubuntu0.1~esm1"},{"binary_name":"gnuplot-data","binary_version":"5.4.2+dfsg2-2ubuntu0.1~esm1"},{"binary_name":"gnuplot-nox","binary_version":"5.4.2+dfsg2-2ubuntu0.1~esm1"},{"binary_name":"gnuplot-qt","binary_version":"5.4.2+dfsg2-2ubuntu0.1~esm1"},{"binary_name":"gnuplot-x11","binary_version":"5.4.2+dfsg2-2ubuntu0.1~esm1"}]},"database_specific":{"cves_map":{"cves":[],"ecosystem":"Ubuntu:Pro:22.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7773-1.json"}},{"package":{"name":"gnuplot","ecosystem":"Ubuntu:Pro:24.04:LTS","purl":"pkg:deb/ubuntu/gnuplot@6.0.0+dfsg1-1ubuntu3+esm1?arch=source&distro=esm-apps/noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.0.0+dfsg1-1ubuntu3+esm1"}]}],"versions":["5.4.4+dfsg1-2build1","6.0.0+dfsg1-1ubuntu2","6.0.0+dfsg1-1ubuntu3"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_name":"gnuplot","binary_version":"6.0.0+dfsg1-1ubuntu3+esm1"},{"binary_name":"gnuplot-data","binary_version":"6.0.0+dfsg1-1ubuntu3+esm1"},{"binary_name":"gnuplot-nox","binary_version":"6.0.0+dfsg1-1ubuntu3+esm1"},{"binary_name":"gnuplot-qt","binary_version":"6.0.0+dfsg1-1ubuntu3+esm1"},{"binary_name":"gnuplot-x11","binary_version":"6.0.0+dfsg1-1ubuntu3+esm1"}]},"database_specific":{"cves_map":{"cves":[],"ecosystem":"Ubuntu:Pro:24.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7773-1.json"}}],"schema_version":"1.7.5"}