CWE-415
Double Free
Description
The product calls free() twice on the same memory address.
Hierarchy (View 1000)
CVEs mapped to this weakness (275)
page 12 of 14| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-0642 | 0.01 | — | 0.08 | Sep 28, 2004 | Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code. | |||
| CVE-2025-65955 | 0.00 | — | 0.00 | Dec 2, 2025 | ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font… | |||
| CVE-2023-37365 | — | 0.00 | — | 0.01 | Jun 30, 2023 | Hnswlib 0.7.0 has a double free in init_index when the M argument is a large integer. | ||
| CVE-2023-25801 | 0.00 | — | 0.00 | Mar 24, 2023 | TensorFlow is an open source machine learning platform. Prior to versions 2.12.0 and 2.11.1, `nn_ops.fractional_avg_pool_v2` and `nn_ops.fractional_max_pool_v2` require the first and fourth elements of their parameter `pooling_ratio` to be equal to 1.0, as pooling on batch and… | |||
| CVE-2022-4450 | 0.00 | — | 0.20 | Feb 8, 2023 | The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing… | |||
| CVE-2021-39432 | — | 0.00 | — | 0.01 | Nov 4, 2022 | diplib v3.0.0 is vulnerable to Double Free. | ||
| CVE-2022-31117 | 0.00 | — | 0.01 | Jul 5, 2022 | UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. In versions prior to 5.4.0 an error occurring while reallocating a buffer for string decoding can cause the buffer to get freed twice. Due to how UltraJSON uses the internal decoder,… | |||
| CVE-2021-37652 | 0.00 | — | 0.00 | Aug 12, 2021 | TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for `tf.raw_ops.BoostedTreesCreateEnsemble` can result in a use after free error if an attacker supplies specially crafted arguments. The… | |||
| CVE-2020-36434 | — | 0.00 | — | 0.01 | Aug 8, 2021 | An issue was discovered in the sys-info crate before 0.8.0 for Rust. sys_info::disk_info calls can trigger a double free. | ||
| CVE-2021-31996 | — | 0.00 | — | 0.01 | May 3, 2021 | An issue was discovered in the algorithmica crate through 2021-03-07 for Rust. There is a double free in merge_sort::merge(). | ||
| CVE-2021-30455 | — | 0.00 | — | 0.01 | Apr 7, 2021 | An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in IdMap::clone_from upon a .clone panic. | ||
| CVE-2021-30457 | — | 0.00 | — | 0.01 | Apr 7, 2021 | An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in remove_set upon a panic in a Drop impl. | ||
| CVE-2021-30456 | — | 0.00 | — | 0.01 | Apr 7, 2021 | An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in get_or_insert upon a panic of a user-provided f function. | ||
| CVE-2021-29929 | — | 0.00 | — | 0.01 | Apr 1, 2021 | An issue was discovered in the endian_trait crate through 2021-01-04 for Rust. A double drop can occur when a user-provided Endian impl panics. | ||
| CVE-2021-29931 | — | 0.00 | — | 0.01 | Apr 1, 2021 | An issue was discovered in the arenavec crate through 2021-01-12 for Rust. A double drop can sometimes occur upon a panic in T::drop(). | ||
| CVE-2021-29933 | — | 0.00 | — | 0.01 | Apr 1, 2021 | An issue was discovered in the insert_many crate through 2021-01-26 for Rust. Elements may be dropped twice if a .next() method panics. | ||
| CVE-2021-29938 | — | 0.00 | — | 0.01 | Apr 1, 2021 | An issue was discovered in the slice-deque crate through 2021-02-19 for Rust. A double drop can occur in SliceDeque::drain_filter upon a panic in a predicate function. | ||
| CVE-2021-29940 | — | 0.00 | — | 0.01 | Apr 1, 2021 | An issue was discovered in the through crate through 2021-02-18 for Rust. There is a double free (in through and through_and) upon a panic of the map function. | ||
| CVE-2021-28028 | — | 0.00 | — | 0.01 | Mar 5, 2021 | An issue was discovered in the toodee crate before 0.3.0 for Rust. Row insertion can cause a double free upon an iterator panic. | ||
| CVE-2021-28031 | — | 0.00 | — | 0.01 | Mar 5, 2021 | An issue was discovered in the scratchpad crate before 1.3.1 for Rust. The move_elements function can have a double-free upon a panic in a user-provided f function. |
- CVE-2004-0642Sep 28, 2004risk 0.01cvss —epss 0.08
Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code.
- CVE-2025-65955Dec 2, 2025risk 0.00cvss —epss 0.00
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font…
- CVE-2023-37365Jun 30, 2023risk 0.00cvss —epss 0.01
Hnswlib 0.7.0 has a double free in init_index when the M argument is a large integer.
- CVE-2023-25801Mar 24, 2023risk 0.00cvss —epss 0.00
TensorFlow is an open source machine learning platform. Prior to versions 2.12.0 and 2.11.1, `nn_ops.fractional_avg_pool_v2` and `nn_ops.fractional_max_pool_v2` require the first and fourth elements of their parameter `pooling_ratio` to be equal to 1.0, as pooling on batch and…
- CVE-2022-4450Feb 8, 2023risk 0.00cvss —epss 0.20
The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments are populated with pointers to buffers containing…
- CVE-2021-39432Nov 4, 2022risk 0.00cvss —epss 0.01
diplib v3.0.0 is vulnerable to Double Free.
- CVE-2022-31117Jul 5, 2022risk 0.00cvss —epss 0.01
UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. In versions prior to 5.4.0 an error occurring while reallocating a buffer for string decoding can cause the buffer to get freed twice. Due to how UltraJSON uses the internal decoder,…
- CVE-2021-37652Aug 12, 2021risk 0.00cvss —epss 0.00
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for `tf.raw_ops.BoostedTreesCreateEnsemble` can result in a use after free error if an attacker supplies specially crafted arguments. The…
- CVE-2020-36434Aug 8, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the sys-info crate before 0.8.0 for Rust. sys_info::disk_info calls can trigger a double free.
- CVE-2021-31996May 3, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the algorithmica crate through 2021-03-07 for Rust. There is a double free in merge_sort::merge().
- CVE-2021-30455Apr 7, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in IdMap::clone_from upon a .clone panic.
- CVE-2021-30457Apr 7, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in remove_set upon a panic in a Drop impl.
- CVE-2021-30456Apr 7, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in get_or_insert upon a panic of a user-provided f function.
- CVE-2021-29929Apr 1, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the endian_trait crate through 2021-01-04 for Rust. A double drop can occur when a user-provided Endian impl panics.
- CVE-2021-29931Apr 1, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the arenavec crate through 2021-01-12 for Rust. A double drop can sometimes occur upon a panic in T::drop().
- CVE-2021-29933Apr 1, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the insert_many crate through 2021-01-26 for Rust. Elements may be dropped twice if a .next() method panics.
- CVE-2021-29938Apr 1, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the slice-deque crate through 2021-02-19 for Rust. A double drop can occur in SliceDeque::drain_filter upon a panic in a predicate function.
- CVE-2021-29940Apr 1, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the through crate through 2021-02-18 for Rust. There is a double free (in through and through_and) upon a panic of the map function.
- CVE-2021-28028Mar 5, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the toodee crate before 0.3.0 for Rust. Row insertion can cause a double free upon an iterator panic.
- CVE-2021-28031Mar 5, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the scratchpad crate before 1.3.1 for Rust. The move_elements function can have a double-free upon a panic in a user-provided f function.