Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2025-31181
CVE-2025-31181:
Linux Debian vulnerability analysis and mitigation
Overview
A flaw was found in gnuplot where the X11_graphics() function may lead to a segmentation fault and cause a system crash. The vulnerability was discovered and disclosed on March 27, 2025, affecting gnuplot software versions including 5.4.1+dfsg1-1+deb11u1, 5.4.4+dfsg1-2, and 6.0.2+dfsg1-1 (NVD, Debian Tracker).
Technical details
The vulnerability has been assigned a CVSS v3.1 Base Score of 6.2 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. The flaw is classified as a NULL Pointer Dereference (CWE-476) that occurs within the X11_graphics() function implementation (NVD).
Impact
When exploited, this vulnerability can cause a system crash through a segmentation fault in the X11_graphics() function. The CVSS scoring indicates high impact on availability (A:H) but no impact on confidentiality (C:N) or integrity (I:N) (NVD).
Mitigation and workarounds
As per the Debian security tracker, this vulnerability is currently unpatched in the affected versions (bullseye, bookworm, sid, and trixie). The issue is marked as having unimportant urgency (Debian Tracker).
Additional resources
Source: This report was generated using AI
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management