An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrm_options function. This flaw is caused by a missing size check of an argument passed to the set font function. This issue occurs when the Gnuplot pngcairo terminal is used as a backend. https://nvd.nist.gov/vuln/detail/CVE-2018-19492