{"url":"http://public2.vulnerablecode.io/api/packages/96991?format=json","purl":"pkg:deb/debian/gnuplot@5.4.4%2Bdfsg1-2?distro=trixie","type":"deb","namespace":"debian","name":"gnuplot","version":"5.4.4+dfsg1-2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"6.0.0+dfsg1-1","latest_non_vulnerable_version":"6.0.3+dfsg1-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70824?format=json","vulnerability_id":"VCID-7s2e-pz75-pya6","summary":"gnuplot v5.5 was discovered to contain a buffer overflow via the function plotrequest().","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25969.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25969.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25969","reference_id":"","reference_type":"","scores":[{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31289","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31278","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31287","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31255","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31358","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00125","scoring_system":"epss","scoring_elements":"0.31325","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25969"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2223509","reference_id":"2223509","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2223509"},{"reference_url":"https://sourceforge.net/p/gnuplot/bugs/2311/","reference_id":"2311","reference_type":"","scores":[{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-11-25T16:05:35Z/"}],"url":"https://sourceforge.net/p/gnuplot/bugs/2311/"},{"reference_url":"https://usn.ubuntu.com/7589-1/","reference_id":"USN-7589-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7589-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/97000?format=json","purl":"pkg:deb/debian/gnuplot@6.0.0%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@6.0.0%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96996?format=json","purl":"pkg:deb/debian/gnuplot@6.0.2%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@6.0.2%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96995?format=json","purl":"pkg:deb/debian/gnuplot@6.0.3%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@6.0.3%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2020-25969"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7s2e-pz75-pya6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70821?format=json","vulnerability_id":"VCID-gv2t-9tpk-tua6","summary":"gnuplot 5.5 is affected by double free when executing print_set_output. This may result in context-dependent arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25559.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25559.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25559","reference_id":"","reference_type":"","scores":[{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60693","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60742","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60749","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60738","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60721","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60737","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25559"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1882320","reference_id":"1882320","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1882320"},{"reference_url":"https://usn.ubuntu.com/7589-1/","reference_id":"USN-7589-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7589-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/97000?format=json","purl":"pkg:deb/debian/gnuplot@6.0.0%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@6.0.0%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96996?format=json","purl":"pkg:deb/debian/gnuplot@6.0.2%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@6.0.2%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96995?format=json","purl":"pkg:deb/debian/gnuplot@6.0.3%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@6.0.3%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2020-25559"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gv2t-9tpk-tua6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70818?format=json","vulnerability_id":"VCID-s2yk-mru4-33du","summary":"com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strncpy() that may lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25412.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25412.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25412","reference_id":"","reference_type":"","scores":[{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.70252","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.70294","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.70303","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.70285","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.70274","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00614","scoring_system":"epss","scoring_elements":"0.70296","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25412"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25412","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25412"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1882322","reference_id":"1882322","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1882322"},{"reference_url":"https://usn.ubuntu.com/7589-1/","reference_id":"USN-7589-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7589-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/97000?format=json","purl":"pkg:deb/debian/gnuplot@6.0.0%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@6.0.0%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96996?format=json","purl":"pkg:deb/debian/gnuplot@6.0.2%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@6.0.2%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96995?format=json","purl":"pkg:deb/debian/gnuplot@6.0.3%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@6.0.3%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2020-25412"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s2yk-mru4-33du"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70828?format=json","vulnerability_id":"VCID-1chf-z9rx-j7h5","summary":"A Divide by Zero vulnerability exists in gnuplot 5.4 in the boundary3d function in graph3d.c, which could cause a Arithmetic exception and application crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44917.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44917.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44917","reference_id":"","reference_type":"","scores":[{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31842","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36341","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.3635","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36311","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36276","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36247","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-44917"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44917","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44917"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002539","reference_id":"1002539","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1002539"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2034740","reference_id":"2034740","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2034740"},{"reference_url":"https://usn.ubuntu.com/7589-1/","reference_id":"USN-7589-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7589-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/96993?format=json","purl":"pkg:deb/debian/gnuplot@5.4.1%2Bdfsg1-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7s2e-pz75-pya6"},{"vulnerability":"VCID-gv2t-9tpk-tua6"},{"vulnerability":"VCID-s2yk-mru4-33du"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@5.4.1%252Bdfsg1-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97001?format=json","purl":"pkg:deb/debian/gnuplot@5.4.2%2Bdfsg2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@5.4.2%252Bdfsg2-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96991?format=json","purl":"pkg:deb/debian/gnuplot@5.4.4%2Bdfsg1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7s2e-pz75-pya6"},{"vulnerability":"VCID-gv2t-9tpk-tua6"},{"vulnerability":"VCID-s2yk-mru4-33du"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@5.4.4%252Bdfsg1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96996?format=json","purl":"pkg:deb/debian/gnuplot@6.0.2%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@6.0.2%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96995?format=json","purl":"pkg:deb/debian/gnuplot@6.0.3%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@6.0.3%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2021-44917"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1chf-z9rx-j7h5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70808?format=json","vulnerability_id":"VCID-1g33-vw6q-nbe9","summary":"An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact when a victim opens a specially crafted file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9670.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9670.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9670","reference_id":"","reference_type":"","scores":[{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43159","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43232","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.4324","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43219","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43184","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43194","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9670"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9670","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9670"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1462135","reference_id":"1462135","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1462135"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864901","reference_id":"864901","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864901"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/96992?format=json","purl":"pkg:deb/debian/gnuplot@5.0.5%2Bdfsg1-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@5.0.5%252Bdfsg1-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96993?format=json","purl":"pkg:deb/debian/gnuplot@5.4.1%2Bdfsg1-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7s2e-pz75-pya6"},{"vulnerability":"VCID-gv2t-9tpk-tua6"},{"vulnerability":"VCID-s2yk-mru4-33du"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@5.4.1%252Bdfsg1-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96991?format=json","purl":"pkg:deb/debian/gnuplot@5.4.4%2Bdfsg1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7s2e-pz75-pya6"},{"vulnerability":"VCID-gv2t-9tpk-tua6"},{"vulnerability":"VCID-s2yk-mru4-33du"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@5.4.4%252Bdfsg1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96996?format=json","purl":"pkg:deb/debian/gnuplot@6.0.2%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@6.0.2%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96995?format=json","purl":"pkg:deb/debian/gnuplot@6.0.3%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@6.0.3%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2017-9670"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1g33-vw6q-nbe9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70812?format=json","vulnerability_id":"VCID-am7j-jqn7-7ufn","summary":"An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the PS_options function. This flaw is caused by a missing size check of an argument passed to the \"set font\" function. This issue occurs when the Gnuplot postscript terminal is used as a backend.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19491.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19491.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19491","reference_id":"","reference_type":"","scores":[{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.4484","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.4491","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44917","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44896","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44867","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44878","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19491"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19491","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19491"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1656179","reference_id":"1656179","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1656179"},{"reference_url":"https://usn.ubuntu.com/4541-1/","reference_id":"USN-4541-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4541-1/"},{"reference_url":"https://usn.ubuntu.com/7589-1/","reference_id":"USN-7589-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7589-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/96999?format=json","purl":"pkg:deb/debian/gnuplot@5.4.0%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@5.4.0%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96993?format=json","purl":"pkg:deb/debian/gnuplot@5.4.1%2Bdfsg1-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7s2e-pz75-pya6"},{"vulnerability":"VCID-gv2t-9tpk-tua6"},{"vulnerability":"VCID-s2yk-mru4-33du"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@5.4.1%252Bdfsg1-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96991?format=json","purl":"pkg:deb/debian/gnuplot@5.4.4%2Bdfsg1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7s2e-pz75-pya6"},{"vulnerability":"VCID-gv2t-9tpk-tua6"},{"vulnerability":"VCID-s2yk-mru4-33du"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@5.4.4%252Bdfsg1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96996?format=json","purl":"pkg:deb/debian/gnuplot@6.0.2%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@6.0.2%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96995?format=json","purl":"pkg:deb/debian/gnuplot@6.0.3%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@6.0.3%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2018-19491"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-am7j-jqn7-7ufn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70815?format=json","vulnerability_id":"VCID-bnzp-x3u5-v3bg","summary":"An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrm_options function. This flaw is caused by a missing size check of an argument passed to the \"set font\" function. This issue occurs when the Gnuplot pngcairo terminal is used as a backend.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19492.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19492.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19492","reference_id":"","reference_type":"","scores":[{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.4484","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.4491","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44917","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44896","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44867","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44878","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19492"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19492","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19492"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1656183","reference_id":"1656183","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1656183"},{"reference_url":"https://usn.ubuntu.com/4541-1/","reference_id":"USN-4541-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4541-1/"},{"reference_url":"https://usn.ubuntu.com/7589-1/","reference_id":"USN-7589-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7589-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/96999?format=json","purl":"pkg:deb/debian/gnuplot@5.4.0%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@5.4.0%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96993?format=json","purl":"pkg:deb/debian/gnuplot@5.4.1%2Bdfsg1-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7s2e-pz75-pya6"},{"vulnerability":"VCID-gv2t-9tpk-tua6"},{"vulnerability":"VCID-s2yk-mru4-33du"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@5.4.1%252Bdfsg1-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96991?format=json","purl":"pkg:deb/debian/gnuplot@5.4.4%2Bdfsg1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7s2e-pz75-pya6"},{"vulnerability":"VCID-gv2t-9tpk-tua6"},{"vulnerability":"VCID-s2yk-mru4-33du"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@5.4.4%252Bdfsg1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96996?format=json","purl":"pkg:deb/debian/gnuplot@6.0.2%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@6.0.2%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96995?format=json","purl":"pkg:deb/debian/gnuplot@6.0.3%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@6.0.3%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2018-19492"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bnzp-x3u5-v3bg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70810?format=json","vulnerability_id":"VCID-p5zm-nehg-zuan","summary":"An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in df_generate_ascii_array_entry. To exploit this vulnerability, an attacker must pass an overlong string as the right bound of the range argument that is passed to the plot function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19490.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19490.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19490","reference_id":"","reference_type":"","scores":[{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.4484","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.4491","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44917","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44896","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44867","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44878","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19490"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19490","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19490"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1656174","reference_id":"1656174","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1656174"},{"reference_url":"https://usn.ubuntu.com/4541-1/","reference_id":"USN-4541-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4541-1/"},{"reference_url":"https://usn.ubuntu.com/7589-1/","reference_id":"USN-7589-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7589-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/96999?format=json","purl":"pkg:deb/debian/gnuplot@5.4.0%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@5.4.0%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96993?format=json","purl":"pkg:deb/debian/gnuplot@5.4.1%2Bdfsg1-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7s2e-pz75-pya6"},{"vulnerability":"VCID-gv2t-9tpk-tua6"},{"vulnerability":"VCID-s2yk-mru4-33du"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@5.4.1%252Bdfsg1-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96991?format=json","purl":"pkg:deb/debian/gnuplot@5.4.4%2Bdfsg1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7s2e-pz75-pya6"},{"vulnerability":"VCID-gv2t-9tpk-tua6"},{"vulnerability":"VCID-s2yk-mru4-33du"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@5.4.4%252Bdfsg1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96996?format=json","purl":"pkg:deb/debian/gnuplot@6.0.2%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@6.0.2%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/96995?format=json","purl":"pkg:deb/debian/gnuplot@6.0.3%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@6.0.3%252Bdfsg1-1%3Fdistro=trixie"}],"aliases":["CVE-2018-19490"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p5zm-nehg-zuan"}],"risk_score":"3.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gnuplot@5.4.4%252Bdfsg1-2%3Fdistro=trixie"}