UBUNTU-CVE-2025-31177

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2025-31177
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-31177.json
JSON Data
https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2025-31177
Related
Published
2025-05-07T21:16:00Z
Modified
2025-05-14T16:32:14Z
Summary
[none]
Details

gnuplot is affected by a heap buffer overflow at function utf8copyone.

References

Affected packages

Ubuntu:Pro:14.04:LTS / gnuplot

Package

Name
gnuplot
Purl
pkg:deb/ubuntu/gnuplot@4.6.4-2?arch=source&distro=esm-infra-legacy/trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.6.3-2
4.6.4-1
4.6.4-2

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:Pro:16.04:LTS / gnuplot

Package

Name
gnuplot
Purl
pkg:deb/ubuntu/gnuplot@4.6.6-3ubuntu0.1?arch=source&distro=esm-apps/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.6.6-2
4.6.6-3
4.6.6-3ubuntu0.1

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:Pro:18.04:LTS / gnuplot

Package

Name
gnuplot
Purl
pkg:deb/ubuntu/gnuplot@5.2.2+dfsg1-2ubuntu1?arch=source&distro=esm-apps/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.0.7+dfsg1-1
5.2.2+dfsg1-2
5.2.2+dfsg1-2ubuntu1

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:20.04:LTS / gnuplot

Package

Name
gnuplot
Purl
pkg:deb/ubuntu/gnuplot@5.2.8+dfsg1-2?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.2.6+dfsg1-2
5.2.7+dfsg1-6
5.2.8+dfsg1-1
5.2.8+dfsg1-2

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:22.04:LTS / gnuplot

Package

Name
gnuplot
Purl
pkg:deb/ubuntu/gnuplot@5.4.2+dfsg2-2?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.4.1+dfsg1-1
5.4.2+dfsg2-1
5.4.2+dfsg2-2

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:24.10 / gnuplot

Package

Name
gnuplot
Purl
pkg:deb/ubuntu/gnuplot@6.0.0+dfsg1-1ubuntu3?arch=source&distro=oracular

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.0.0+dfsg1-1ubuntu3

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:24.04:LTS / gnuplot

Package

Name
gnuplot
Purl
pkg:deb/ubuntu/gnuplot@6.0.0+dfsg1-1ubuntu3?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.4.4+dfsg1-2build1

6.*

6.0.0+dfsg1-1ubuntu2
6.0.0+dfsg1-1ubuntu3

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}

Ubuntu:25.04 / gnuplot

Package

Name
gnuplot
Purl
pkg:deb/ubuntu/gnuplot@6.0.2+dfsg1-1?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.0.0+dfsg1-1ubuntu3
6.0.2+dfsg1-1

Ecosystem specific 

{
    "ubuntu_priority": "negligible"
}