CVE-2013-1424
Published: 31 December 2013
[matplotlib buffer overrun]
From the Ubuntu Security Team
It was discovered that Matplotlib incorrectly handled format strings and values. An attacker could possibly use this issue to execute arbitrary code or cause other unspecified impact.
Priority
Status
Package | Release | Status |
---|---|---|
matplotlib (Launchpad, Ubuntu, Debian) | artful | Not vulnerable |
matplotlib | bionic | Not vulnerable |
matplotlib | cosmic | Not vulnerable |
matplotlib | lucid | Ignored (end of life) |
matplotlib | precise | Ignored (end of life) |
matplotlib | trusty | Released (1.3.1-1ubuntu5.1) |
matplotlib | upstream | Released (1.4.2-3.1) |
matplotlib | utopic | Ignored (end of life) |
matplotlib | vivid | Ignored (end of life) |
matplotlib | wily | Ignored (end of life) |
matplotlib | xenial | Not vulnerable (1.5.1-1ubuntu1) |
matplotlib | yakkety | Ignored (end of life) |
matplotlib | zesty | Ignored (end of life) |

This vulnerability is mitigated in part by the use of gcc's stack protector in Ubuntu.