CVE-2013-1424

Publication date 26 June 2025

Last updated 2 July 2025

Ubuntu priority

Medium

Why this priority?

Cvss 3 Severity Score

5.6 · Medium

Score breakdown

Description

Buffer overflow vulnerability in matplotlib.This issue affects matplotlib: before upstream commit ba4016014cb4fb4927e36ce8ea429fed47dcb787.

From the Ubuntu Security Team

It was discovered that Matplotlib incorrectly handled format strings and values. An attacker could possibly use this issue to execute arbitrary code or other unspecified impact.

Status

Package Ubuntu Release Status
matplotlib 18.10 cosmic
Not affected
18.04 LTS bionic
Not affected
17.10 artful
Not affected
17.04 zesty Ignored end of life
16.10 yakkety Ignored end of life
16.04 LTS xenial
Not affected
15.10 wily Ignored end of life
15.04 vivid Ignored end of life
14.10 utopic Ignored end of life
14.04 LTS trusty
Fixed 1.3.1-1ubuntu5.1
12.04 LTS precise Ignored end of life
10.04 LTS lucid Ignored end of life

Severity score breakdown

Parameter Value
Base score 5.6 · Medium
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Scope Unchanged
Confidentiality Low
Integrity impact Low
Availability impact Low
Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

References

Other references