Nixpkgs Security Tracker

Untriaged

Permalink CVE-2025-31177

6.2 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months ago

Gnuplot: gnuplot heap-buffer overflow on utf8_copy_one

gnuplot is affected by a heap buffer overflow at function utf8_copy_one.

References

https://access.redhat.com/security/cve/CVE-2025-31177 x_refsource_REDHAT vdb-entry
RHBZ#2355342 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-31177 x_refsource_REDHAT vdb-entry
RHBZ#2355342 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-31177 x_refsource_REDHAT vdb-entry
RHBZ#2355342 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-31177 x_refsource_REDHAT vdb-entry
RHBZ#2355342 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-31177 x_refsource_REDHAT vdb-entry
RHBZ#2355342 issue-tracking x_refsource_REDHAT

Affected products

gnuplot

<6.0

Matching in nixpkgs

pkgs.gnuplot

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.gnuplot_qt

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.feedgnuplot

General purpose pipe-oriented plotting tool

nixos-unstable -
- nixpkgs-unstable 1.61

pkgs.gnuplot_aquaterm

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.haskellPackages.gnuplot

2D and 3D plots using gnuplot

nixos-unstable -
- nixpkgs-unstable 0.5.7

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe

A simple interface to Gnuplot

nixos-unstable -
- nixpkgs-unstable 0.4.2

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot

None

nixos-unstable -
- nixpkgs-unstable

Package maintainers

@mnacamura Mitsuhiro Nakamura <m.nacamura@gmail.com>
@lovek323 Jason O'Conal <jason@oconal.id.au>
@thielema Henning Thielemann <nix@henning-thielemann.de>

Untriaged

Permalink CVE-2025-3359

6.2 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months ago

Gnuplot: segmentation fault via io_str_init_static_internal function

A flaw was found in GNUPlot. A segmentation fault via IO_str_init_static_internal may jeopardize the environment.

References

https://access.redhat.com/security/cve/CVE-2025-3359 x_refsource_REDHAT vdb-entry
RHBZ#2357749 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-3359 x_refsource_REDHAT vdb-entry
RHBZ#2357749 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-3359 x_refsource_REDHAT vdb-entry
RHBZ#2357749 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-3359 x_refsource_REDHAT vdb-entry
RHBZ#2357749 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-3359 x_refsource_REDHAT vdb-entry
RHBZ#2357749 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-3359 x_refsource_REDHAT vdb-entry
RHBZ#2357749 issue-tracking x_refsource_REDHAT

Affected products

gnuplot

<6.1

Matching in nixpkgs

pkgs.gnuplot

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.gnuplot_qt

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.feedgnuplot

General purpose pipe-oriented plotting tool

nixos-unstable -
- nixpkgs-unstable 1.61

pkgs.gnuplot_aquaterm

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.haskellPackages.gnuplot

2D and 3D plots using gnuplot

nixos-unstable -
- nixpkgs-unstable 0.5.7

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe

A simple interface to Gnuplot

nixos-unstable -
- nixpkgs-unstable 0.4.2

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot

None

nixos-unstable -
- nixpkgs-unstable

Package maintainers

@mnacamura Mitsuhiro Nakamura <m.nacamura@gmail.com>
@lovek323 Jason O'Conal <jason@oconal.id.au>
@thielema Henning Thielemann <nix@henning-thielemann.de>

Untriaged

Permalink CVE-2025-31181

6.2 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months ago

Gnuplot: gnuplot segmentation fault on x11_graphics

A flaw was found in gnuplot. The X11_graphics() function may lead to a segmentation fault and cause a system crash.

References

https://access.redhat.com/security/cve/CVE-2025-31181 x_refsource_REDHAT vdb-entry
RHBZ#2355338 issue-tracking x_refsource_REDHAT
RHBZ#2355338 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-31181 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2025-31181 x_refsource_REDHAT vdb-entry
RHBZ#2355338 issue-tracking x_refsource_REDHAT
RHBZ#2355338 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-31181 x_refsource_REDHAT vdb-entry

Affected products

gnuplot

<6.1

Matching in nixpkgs

pkgs.gnuplot

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.gnuplot_qt

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.feedgnuplot

General purpose pipe-oriented plotting tool

nixos-unstable -
- nixpkgs-unstable 1.61

pkgs.gnuplot_aquaterm

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.haskellPackages.gnuplot

2D and 3D plots using gnuplot

nixos-unstable -
- nixpkgs-unstable 0.5.7

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe

A simple interface to Gnuplot

nixos-unstable -
- nixpkgs-unstable 0.4.2

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot

None

nixos-unstable -
- nixpkgs-unstable

Package maintainers

@mnacamura Mitsuhiro Nakamura <m.nacamura@gmail.com>
@lovek323 Jason O'Conal <jason@oconal.id.au>
@thielema Henning Thielemann <nix@henning-thielemann.de>

Untriaged

Permalink CVE-2025-31180

6.2 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months ago

Gnuplot: gnuplot segmentation fault on canvas_text

A flaw was found in gnuplot. The CANVAS_text() function may lead to a segmentation fault and cause a system crash.

References

https://access.redhat.com/security/cve/CVE-2025-31180 x_refsource_REDHAT vdb-entry
RHBZ#2355339 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-31180 x_refsource_REDHAT vdb-entry
RHBZ#2355339 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-31180 x_refsource_REDHAT vdb-entry
RHBZ#2355339 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-31180 x_refsource_REDHAT vdb-entry
RHBZ#2355339 issue-tracking x_refsource_REDHAT

Affected products

gnuplot

<6.0

Matching in nixpkgs

pkgs.gnuplot

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.gnuplot_qt

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.feedgnuplot

General purpose pipe-oriented plotting tool

nixos-unstable -
- nixpkgs-unstable 1.61

pkgs.gnuplot_aquaterm

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.haskellPackages.gnuplot

2D and 3D plots using gnuplot

nixos-unstable -
- nixpkgs-unstable 0.5.7

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe

A simple interface to Gnuplot

nixos-unstable -
- nixpkgs-unstable 0.4.2

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot

None

nixos-unstable -
- nixpkgs-unstable

Package maintainers

@mnacamura Mitsuhiro Nakamura <m.nacamura@gmail.com>
@lovek323 Jason O'Conal <jason@oconal.id.au>
@thielema Henning Thielemann <nix@henning-thielemann.de>

Untriaged

Permalink CVE-2025-31178

6.2 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months ago

Gnuplot: gnuplot segmentation fault on getannotatestring

A flaw was found in gnuplot. The GetAnnotateString() function may lead to a segmentation fault and cause a system crash.

References

https://access.redhat.com/security/cve/CVE-2025-31178 x_refsource_REDHAT vdb-entry
RHBZ#2355341 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-31178 x_refsource_REDHAT vdb-entry
RHBZ#2355341 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-31178 x_refsource_REDHAT vdb-entry
RHBZ#2355341 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-31178 x_refsource_REDHAT vdb-entry
RHBZ#2355341 issue-tracking x_refsource_REDHAT

Affected products

gnuplot

<6.0

Matching in nixpkgs

pkgs.gnuplot

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.gnuplot_qt

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.feedgnuplot

General purpose pipe-oriented plotting tool

nixos-unstable -
- nixpkgs-unstable 1.61

pkgs.gnuplot_aquaterm

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.haskellPackages.gnuplot

2D and 3D plots using gnuplot

nixos-unstable -
- nixpkgs-unstable 0.5.7

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe

A simple interface to Gnuplot

nixos-unstable -
- nixpkgs-unstable 0.4.2

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot

None

nixos-unstable -
- nixpkgs-unstable

Package maintainers

@mnacamura Mitsuhiro Nakamura <m.nacamura@gmail.com>
@lovek323 Jason O'Conal <jason@oconal.id.au>
@thielema Henning Thielemann <nix@henning-thielemann.de>

Untriaged

Permalink CVE-2025-31179

6.2 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months ago

Gnuplot: gnuplot segmentation fault on xstrftime

A flaw was found in gnuplot. The xstrftime() function may lead to a segmentation fault, causing a system crash.

References

https://access.redhat.com/security/cve/CVE-2025-31179 x_refsource_REDHAT vdb-entry
RHBZ#2355340 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-31179 x_refsource_REDHAT vdb-entry
RHBZ#2355340 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-31179 x_refsource_REDHAT vdb-entry
RHBZ#2355340 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-31179 x_refsource_REDHAT vdb-entry
RHBZ#2355340 issue-tracking x_refsource_REDHAT

Affected products

gnuplot

<6.0

Matching in nixpkgs

pkgs.gnuplot

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.gnuplot_qt

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.feedgnuplot

General purpose pipe-oriented plotting tool

nixos-unstable -
- nixpkgs-unstable 1.61

pkgs.gnuplot_aquaterm

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.haskellPackages.gnuplot

2D and 3D plots using gnuplot

nixos-unstable -
- nixpkgs-unstable 0.5.7

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe

A simple interface to Gnuplot

nixos-unstable -
- nixpkgs-unstable 0.4.2

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot

None

nixos-unstable -
- nixpkgs-unstable

Package maintainers

@mnacamura Mitsuhiro Nakamura <m.nacamura@gmail.com>
@lovek323 Jason O'Conal <jason@oconal.id.au>
@thielema Henning Thielemann <nix@henning-thielemann.de>

Untriaged

Permalink CVE-2025-31176

6.2 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months ago

Gnuplot: gnuplot segmentation fault on plot3d_points

A flaw was found in gnuplot. The plot3d_points() function may lead to a segmentation fault and cause a system crash.

References

RHBZ#2355343 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-31176 x_refsource_REDHAT vdb-entry
https://access.redhat.com/security/cve/CVE-2025-31176 x_refsource_REDHAT vdb-entry
RHBZ#2355343 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-31176 x_refsource_REDHAT vdb-entry
RHBZ#2355343 issue-tracking x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-31176 x_refsource_REDHAT vdb-entry
RHBZ#2355343 issue-tracking x_refsource_REDHAT

Affected products

gnuplot

<6.0

Matching in nixpkgs

pkgs.gnuplot

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.gnuplot_qt

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.feedgnuplot

General purpose pipe-oriented plotting tool

nixos-unstable -
- nixpkgs-unstable 1.61

pkgs.gnuplot_aquaterm

Portable command-line driven graphing utility for many platforms

nixos-unstable -
- nixpkgs-unstable 6.0.3

pkgs.haskellPackages.gnuplot

2D and 3D plots using gnuplot

nixos-unstable -
- nixpkgs-unstable 0.5.7

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe

A simple interface to Gnuplot

nixos-unstable -
- nixpkgs-unstable 0.4.2

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot

None

nixos-unstable -
- nixpkgs-unstable

Package maintainers

@mnacamura Mitsuhiro Nakamura <m.nacamura@gmail.com>
@lovek323 Jason O'Conal <jason@oconal.id.au>
@thielema Henning Thielemann <nix@henning-thielemann.de>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.gnuplot

pkgs.gnuplot_qt

pkgs.feedgnuplot

pkgs.gnuplot_aquaterm

pkgs.haskellPackages.gnuplot

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.gnuplot

pkgs.gnuplot_qt

pkgs.feedgnuplot

pkgs.gnuplot_aquaterm

pkgs.haskellPackages.gnuplot

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.gnuplot

pkgs.gnuplot_qt

pkgs.feedgnuplot

pkgs.gnuplot_aquaterm

pkgs.haskellPackages.gnuplot

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.gnuplot

pkgs.gnuplot_qt

pkgs.feedgnuplot

pkgs.gnuplot_aquaterm

pkgs.haskellPackages.gnuplot

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.gnuplot

pkgs.gnuplot_qt

pkgs.feedgnuplot

pkgs.gnuplot_aquaterm

pkgs.haskellPackages.gnuplot

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.gnuplot

pkgs.gnuplot_qt

pkgs.feedgnuplot

pkgs.gnuplot_aquaterm

pkgs.haskellPackages.gnuplot

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.gnuplot

pkgs.gnuplot_qt

pkgs.feedgnuplot

pkgs.gnuplot_aquaterm

pkgs.haskellPackages.gnuplot

pkgs.chickenPackages_5.chickenEggs.gnuplot-pipe

pkgs.vimPlugins.nvim-treesitter-parsers.gnuplot

Package maintainers