Buffer Overflow Vulnerability in Matplotlib Affected by Debian's Implementation
CVE-2013-1424

5.6 MEDIUM

Key Information:

Vendor: Matplotlib
CVE Published: 26 June 2025

What is CVE-2013-1424?

A buffer overflow vulnerability exists in Matplotlib, affecting versions released before the upstream commit ba4016014cb4fb4927e36ce8ea429fed47dcb787. The vulnerability can potentially allow an attacker to execute arbitrary code by exploiting flaws in memory management within the library. Developers using vulnerable versions may face severe security risks, so applications that use this popular Python plotting library need timely updates and patches.

Affected Version(s)

matplotlib before upstream commit ba4016014cb4fb4927e36ce8ea429fed47dcb787

CVSS V3.1

Score: 5.6
Severity: MEDIUM
Confidentiality: Low
Integrity: Low
Availability: Low
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
