CVE-2021-37529 — Vulnetix

CVE-2021-37529 PUBLISHED CVSS 5.5 MEDIUM

A double-free vulnerability exists in fig2dev through 3.28a is affected by: via the free_stream function in readpics.c, which could cause a denial of service (context-dependent).

EPSS 0.25% · 48.2th percentile

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS Score

0.25%

48.2th percentile

Affected Products

Vendor	Product	Versions
fig2dev_project	fig2dev	0
debian	debian_linux	9.0, 10.0, 11.0
n/a	n/a	n/a

Timeline

Jan 12, 2022 CVE Published
Jan 13, 2022 EPSS Score
Mar 7, 2022 EPSS Score
Apr 30, 2022 EPSS Score
Jun 22, 2022 EPSS Score
Aug 15, 2022 EPSS Score
Oct 7, 2022 EPSS Score
Nov 30, 2022 EPSS Score
Jan 22, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 16, 2023 EPSS Score
May 8, 2023 EPSS Score

References

https://sourceforge.net/p/mcj/tickets/125/ url
https://nvd.nist.gov/vuln/detail/CVE-2021-37529 advisory
https://sourceforge.net/p/mcj/tickets/125 url

Open in Interactive Console →