CWE-415
Double Free
Description
The product calls free() twice on the same memory address.
Hierarchy (View 1000)
CVEs mapped to this weakness (275)
page 13 of 14| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-28034 | — | 0.00 | — | 0.01 | Mar 5, 2021 | An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a double free can occur upon a val.clone() panic. | ||
| CVE-2021-26954 | — | 0.00 | — | 0.01 | Feb 9, 2021 | An issue was discovered in the qwutils crate before 0.3.1 for Rust. When a Clone panic occurs, insert_slice_clone can perform a double drop. | ||
| CVE-2020-36205 | — | 0.00 | — | 0.00 | Jan 22, 2021 | An issue was discovered in the xcb crate through 2020-12-10 for Rust. base::Error does not have soundness. Because of the public ptr field, a use-after-free or double-free can occur. | ||
| CVE-2021-25902 | — | 0.00 | — | 0.01 | Jan 22, 2021 | An issue was discovered in the glsl-layout crate before 0.4.0 for Rust. When a panic occurs, map_array can perform a double drop. | ||
| CVE-2021-25906 | — | 0.00 | — | 0.01 | Jan 22, 2021 | An issue was discovered in the basic_dsp_matrix crate before 0.9.2 for Rust. When a TransformContent panic occurs, a double drop can be performed. | ||
| CVE-2021-25907 | — | 0.00 | — | 0.02 | Jan 22, 2021 | An issue was discovered in the containers crate before 0.9.11 for Rust. When a panic occurs, a util::{mutate,mutate2} double drop can be performed. | ||
| CVE-2021-25908 | — | 0.00 | — | 0.01 | Jan 22, 2021 | An issue was discovered in the fil-ocl crate through 2021-01-04 for Rust. From can lead to a double free. | ||
| CVE-2019-25009 | — | 0.00 | — | 0.02 | Dec 31, 2020 | An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness. | ||
| CVE-2020-35862 | — | 0.00 | — | 0.02 | Dec 31, 2020 | An issue was discovered in the bitvec crate before 0.17.4 for Rust. BitVec to BitBox conversion leads to a use-after-free or double free. | ||
| CVE-2020-35885 | — | 0.00 | — | 0.02 | Dec 31, 2020 | An issue was discovered in the alpm-rs crate through 2020-08-20 for Rust. StrcCtx performs improper memory deallocation. | ||
| CVE-2020-35891 | — | 0.00 | — | 0.01 | Dec 31, 2020 | An issue was discovered in the ordnung crate through 2020-09-03 for Rust. compact::Vec violates memory safety via a remove() double free. | ||
| CVE-2019-18874 | — | 0.00 | — | 0.04 | Nov 12, 2019 | psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object. | ||
| CVE-2019-11932 | — | 0.00 | — | 0.45 | Oct 3, 2019 | A double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library before version 1.2.18, as used in WhatsApp for Android before version 2.19.244 and many other Android applications, allows remote attackers to execute arbitrary code or cause… | ||
| CVE-2019-16880 | — | 0.00 | — | 0.02 | Sep 25, 2019 | An issue was discovered in the linea crate through 0.9.4 for Rust. There is double free in the Matrix::zip_elements method. | ||
| CVE-2018-20996 | — | 0.00 | — | 0.02 | Aug 26, 2019 | An issue was discovered in the crossbeam crate before 0.4.1 for Rust. There is a double free because of destructor mishandling. | ||
| CVE-2019-15551 | — | 0.00 | — | 0.02 | Aug 26, 2019 | An issue was discovered in the smallvec crate before 0.6.10 for Rust. There is a double free for certain grow attempts with the current capacity. | ||
| CVE-2018-20991 | — | 0.00 | — | 0.02 | Aug 26, 2019 | An issue was discovered in the smallvec crate before 0.6.3 for Rust. The Iterator implementation mishandles destructors, leading to a double free. | ||
| CVE-2019-15151 | — | 0.00 | — | 0.02 | Aug 18, 2019 | AdPlug 2.3.1 has a double free in the Cu6mPlayer class in u6m.h. | ||
| CVE-2018-16425 | Med | 0.00 | 6.6 | 0.01 | Sep 4, 2018 | A double free when handling responses from an HSM Card in sc_pkcs15emu_sc_hsm_init in libopensc/pkcs15-sc-hsm.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified… | ||
| CVE-2018-16424 | Med | 0.00 | 6.6 | 0.01 | Sep 4, 2018 | A double free when handling responses in read_file in tools/egk-tool.c (aka the eGK card tool) in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. |
- CVE-2021-28034Mar 5, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a double free can occur upon a val.clone() panic.
- CVE-2021-26954Feb 9, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the qwutils crate before 0.3.1 for Rust. When a Clone panic occurs, insert_slice_clone can perform a double drop.
- CVE-2020-36205Jan 22, 2021risk 0.00cvss —epss 0.00
An issue was discovered in the xcb crate through 2020-12-10 for Rust. base::Error does not have soundness. Because of the public ptr field, a use-after-free or double-free can occur.
- CVE-2021-25902Jan 22, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the glsl-layout crate before 0.4.0 for Rust. When a panic occurs, map_array can perform a double drop.
- CVE-2021-25906Jan 22, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the basic_dsp_matrix crate before 0.9.2 for Rust. When a TransformContent panic occurs, a double drop can be performed.
- CVE-2021-25907Jan 22, 2021risk 0.00cvss —epss 0.02
An issue was discovered in the containers crate before 0.9.11 for Rust. When a panic occurs, a util::{mutate,mutate2} double drop can be performed.
- CVE-2021-25908Jan 22, 2021risk 0.00cvss —epss 0.01
An issue was discovered in the fil-ocl crate through 2021-01-04 for Rust. From can lead to a double free.
- CVE-2019-25009Dec 31, 2020risk 0.00cvss —epss 0.02
An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness.
- CVE-2020-35862Dec 31, 2020risk 0.00cvss —epss 0.02
An issue was discovered in the bitvec crate before 0.17.4 for Rust. BitVec to BitBox conversion leads to a use-after-free or double free.
- CVE-2020-35885Dec 31, 2020risk 0.00cvss —epss 0.02
An issue was discovered in the alpm-rs crate through 2020-08-20 for Rust. StrcCtx performs improper memory deallocation.
- CVE-2020-35891Dec 31, 2020risk 0.00cvss —epss 0.01
An issue was discovered in the ordnung crate through 2020-09-03 for Rust. compact::Vec violates memory safety via a remove() double free.
- CVE-2019-18874Nov 12, 2019risk 0.00cvss —epss 0.04
psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.
- CVE-2019-11932Oct 3, 2019risk 0.00cvss —epss 0.45
A double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library before version 1.2.18, as used in WhatsApp for Android before version 2.19.244 and many other Android applications, allows remote attackers to execute arbitrary code or cause…
- CVE-2019-16880Sep 25, 2019risk 0.00cvss —epss 0.02
An issue was discovered in the linea crate through 0.9.4 for Rust. There is double free in the Matrix::zip_elements method.
- CVE-2018-20996Aug 26, 2019risk 0.00cvss —epss 0.02
An issue was discovered in the crossbeam crate before 0.4.1 for Rust. There is a double free because of destructor mishandling.
- CVE-2019-15551Aug 26, 2019risk 0.00cvss —epss 0.02
An issue was discovered in the smallvec crate before 0.6.10 for Rust. There is a double free for certain grow attempts with the current capacity.
- CVE-2018-20991Aug 26, 2019risk 0.00cvss —epss 0.02
An issue was discovered in the smallvec crate before 0.6.3 for Rust. The Iterator implementation mishandles destructors, leading to a double free.
- CVE-2019-15151Aug 18, 2019risk 0.00cvss —epss 0.02
AdPlug 2.3.1 has a double free in the Cu6mPlayer class in u6m.h.
- risk 0.00cvss 6.6epss 0.01
A double free when handling responses from an HSM Card in sc_pkcs15emu_sc_hsm_init in libopensc/pkcs15-sc-hsm.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified…
- risk 0.00cvss 6.6epss 0.01
A double free when handling responses in read_file in tools/egk-tool.c (aka the eGK card tool) in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.