{"affected":[{"ecosystem_specific":{"binaries":[{"gnuplot":"4.6.5-3.3.74"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP4","name":"gnuplot","purl":"pkg:rpm/suse/gnuplot&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.6.5-3.3.74"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"gnuplot":"4.6.5-3.3.74"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP4","name":"gnuplot","purl":"pkg:rpm/suse/gnuplot&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.6.5-3.3.74"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"gnuplot":"4.6.5-3.3.74"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP5","name":"gnuplot","purl":"pkg:rpm/suse/gnuplot&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.6.5-3.3.74"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"gnuplot":"4.6.5-3.3.74"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP5","name":"gnuplot","purl":"pkg:rpm/suse/gnuplot&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.6.5-3.3.74"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for gnuplot fixes the following issues:\n\nFollowing security issues were fixed:\n\n- CVE-2018-19492: Fixed a buffer overflow in cairotrm_options function (bsc#1117463)\n- CVE-2018-19491: Fixed a buffer overlow in the PS_options function (bsc#1117464)\n- CVE-2018-19490: Fixed a heap-based buffer overflow in the df_generate_ascii_array_entry function (bsc#1117465)\n- CVE-2017-9670: Fixed a uninitialized stack variable vulnerability which could lead to a Denial of Service (bsc#1044638)\n","id":"SUSE-SU-2020:1660-1","modified":"2020-06-18T09:10:01Z","published":"2020-06-18T09:10:01Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2020/suse-su-20201660-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1044638"},{"type":"REPORT","url":"https://bugzilla.suse.com/1117463"},{"type":"REPORT","url":"https://bugzilla.suse.com/1117464"},{"type":"REPORT","url":"https://bugzilla.suse.com/1117465"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-9670"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-19490"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-19491"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-19492"}],"related":["CVE-2017-9670","CVE-2018-19490","CVE-2018-19491","CVE-2018-19492"],"summary":"Security update for gnuplot","upstream":["CVE-2017-9670","CVE-2018-19490","CVE-2018-19491","CVE-2018-19492"]}