Critical
CVSS 9.8
Overview
com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strncpy() that may lead to arbitrary code execution.
CVE-2020-25412
com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strn...
Risk analysis
This vulnerability is rated 🔴 CRITICAL.
- CVSS: 9.8 (CRITICAL)
- Detected tags: rce (tag impact: VERY HIGH)
Recommended actions:
- Patch/upgrade immediately (remote code execution).
- Reduce exposure (WAF/segmentation), minimize attack surface.