CVE-2021-37529
MEDIUMfig2dev <= 3.28a - Double Free in free_stream Function
Title source: llmDescription
A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream function in readpics.c, which could cause a denial of service (context-dependent).
References (1)
Core 1
Core References
Exploit, Patch, Third Party Advisory x_refsource_misc
https://sourceforge.net/p/mcj/tickets/125/
Scores
CVSS v3
5.5
EPSS
0.0075
EPSS Percentile
49.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Details
CWE
CWE-415
Status
published
Products (4)
debian/debian_linux
9.0
debian/debian_linux
10.0
debian/debian_linux
11.0
fig2dev_project/fig2dev
< 3.2.8a
Published
Jan 12, 2022
Tracked Since
Feb 18, 2026