CVE-2025-31176

A flaw was found in gnuplot. The plot3d_points() function may lead to a segmentation fault and cause a system crash.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.2 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
redhatCNA
6.2 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
VendorProductVersion
gnuplotgnuplot
𝑥
< 6.0.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
gnuplot
bullseye
unimportant
bookworm
unimportant
trixie
unimportant
forky
unimportant
sid
unimportant
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gnuplot
plucky
Fixed 6.0.2+dfsg1-1ubuntu0.1
released
oracular
ignored
noble
Fixed 6.0.0+dfsg1-1ubuntu3+esm1
released
jammy
Fixed 5.4.2+dfsg2-2ubuntu0.1~esm1
released
focal
Fixed 5.2.8+dfsg1-2ubuntu0.1~esm2
released
bionic
Fixed 5.2.2+dfsg1-2ubuntu1+esm2
released
xenial
not-affected
trusty
not-affected
Common Weakness Enumeration
References
https://access.redhat.com/security/cve/CVE-2025-31176
https://bugzilla.redhat.com/show_bug.cgi?id=2355343