Gnuplot Project - Gnuplot CVE

Filtered by vendor Gnuplot Project Subscribe

Filtered by product Gnuplot

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-29369	1 Gnuplot Project	1 Gnuplot	2022-05-03	7.5 HIGH	9.8 CRITICAL
The gnuplot package prior to version 0.1.0 for Node.js allows code execution via shell metacharacters in Gnuplot commands.
CVE-2020-25412	1 Gnuplot Project	1 Gnuplot	2022-01-01	7.5 HIGH	9.8 CRITICAL
com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strncpy() that may lead to arbitrary code execution.

Vulnerabilities (CVE)