CVE-2021-37529

MEDIUM

Fig2dev < 3.2.8a - Double Free

Title source: rule

Description

A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream function in readpics.c, which could cause a denial of service (context-dependent).

References (1)

Scores

CVSS v3 5.5
EPSS 0.0025
EPSS Percentile 47.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Classification

CWE
CWE-415
Status published

Affected Products (4)

fig2dev_project/fig2dev < 3.2.8a
debian/debian_linux
debian/debian_linux
debian/debian_linux

Timeline

Published Jan 12, 2022
Tracked Since Feb 18, 2026