CVE-2025-31177 — Vulnetix

CVE-2025-31177 PUBLISHED CVSS 5.5 MEDIUM

gnuplot is affected by a heap buffer overflow at function utf8_copy_one.

EPSS 0.17% · 37.7th percentile

Risk Scores

CVSS 3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Score

0.17%

37.7th percentile

Affected Products

Vendor	Product	Versions
Red Hat	Red Hat Enterprise Linux 6
		0
Red Hat	Red Hat Enterprise Linux 7
gnuplot	gnuplot	6.1.0
Red Hat	Red Hat Enterprise Linux 8

Exploit Intelligence

CIRCL seen: CVE-2025-31177 (circl-sighting)
CIRCL seen: CVE-2025-31177 (circl-sighting)
CIRCL seen: CVE-2025-31177 (circl-sighting)
https://access.redhat.com/security/cve/CVE-2025-31177 (circl)
RHBZ#2355342 (circl)

Timeline

May 7, 2025 Coalition ESS Score
May 7, 2025 CVE Published
May 7, 2025 PoC Published
May 7, 2025 PoC Published
May 8, 2025 EPSS Score
May 8, 2025 Coalition ESS Score
May 20, 2025 EPSS Score
May 31, 2025 EPSS Score
Jun 12, 2025 EPSS Score
Jun 23, 2025 EPSS Score
Jul 5, 2025 EPSS Score
Jul 17, 2025 EPSS Score

References

https://access.redhat.com/security/cve/CVE-2025-31177 vdb
RHBZ#2355342 issue
https://nvd.nist.gov/vuln/detail/CVE-2025-31177 advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›