VYPR

CWE-415

Double Free

Variant · Draft · Likelihood: High

Description

The product calls free() twice on the same memory address.

Hierarchy (View 1000)

Children

none

CVEs mapped to this weakness (275)

page 13 of 14
  • CVE-2021-28034 · Mar 5, 2021
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in the stack_dst crate before 0.6.1 for Rust. Because of the push_inner behavior, a double free can occur upon a val.clone() panic.

  • CVE-2021-26954 · Feb 9, 2021
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in the qwutils crate before 0.3.1 for Rust. When a Clone panic occurs, insert_slice_clone can perform a double drop.

  • CVE-2020-36205 · Jan 22, 2021
    risk 0.00 · cvss · epss 0.00

    An issue was discovered in the xcb crate through 2020-12-10 for Rust. base::Error does not have soundness. Because of the public ptr field, a use-after-free or double-free can occur.

  • CVE-2021-25902 · Jan 22, 2021
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in the glsl-layout crate before 0.4.0 for Rust. When a panic occurs, map_array can perform a double drop.

  • CVE-2021-25906 · Jan 22, 2021
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in the basic_dsp_matrix crate before 0.9.2 for Rust. When a TransformContent panic occurs, a double drop can be performed.

  • CVE-2021-25907 · Jan 22, 2021
    risk 0.00 · cvss · epss 0.02

    An issue was discovered in the containers crate before 0.9.11 for Rust. When a panic occurs, a util::{mutate,mutate2} double drop can be performed.

  • CVE-2021-25908 · Jan 22, 2021
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in the fil-ocl crate through 2021-01-04 for Rust. From can lead to a double free.

  • CVE-2019-25009 · Dec 31, 2020
    risk 0.00 · cvss · epss 0.02

    An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness.

  • CVE-2020-35862 · Dec 31, 2020
    risk 0.00 · cvss · epss 0.02

    An issue was discovered in the bitvec crate before 0.17.4 for Rust. BitVec to BitBox conversion leads to a use-after-free or double free.

  • CVE-2020-35885 · Dec 31, 2020
    risk 0.00 · cvss · epss 0.02

    An issue was discovered in the alpm-rs crate through 2020-08-20 for Rust. StrcCtx performs improper memory deallocation.

  • CVE-2020-35891 · Dec 31, 2020
    risk 0.00 · cvss · epss 0.01

    An issue was discovered in the ordnung crate through 2020-09-03 for Rust. compact::Vec violates memory safety via a remove() double free.

  • CVE-2019-18874 · Nov 12, 2019
    risk 0.00 · cvss · epss 0.04

    psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.

  • CVE-2019-11932 · Oct 3, 2019
    risk 0.00 · cvss · epss 0.45

    A double free vulnerability in the DDGifSlurp function in decoding.c in the android-gif-drawable library before version 1.2.18, as used in WhatsApp for Android before version 2.19.244 and many other Android applications, allows remote attackers to execute arbitrary code or cause…

  • CVE-2019-16880 · Sep 25, 2019
    risk 0.00 · cvss · epss 0.02

    An issue was discovered in the linea crate through 0.9.4 for Rust. There is double free in the Matrix::zip_elements method.

  • CVE-2018-20996 · Aug 26, 2019
    risk 0.00 · cvss · epss 0.02

    An issue was discovered in the crossbeam crate before 0.4.1 for Rust. There is a double free because of destructor mishandling.

  • CVE-2019-15551 · Aug 26, 2019
    risk 0.00 · cvss · epss 0.02

    An issue was discovered in the smallvec crate before 0.6.10 for Rust. There is a double free for certain grow attempts with the current capacity.

  • CVE-2018-20991 · Aug 26, 2019
    risk 0.00 · cvss · epss 0.02

    An issue was discovered in the smallvec crate before 0.6.3 for Rust. The Iterator implementation mishandles destructors, leading to a double free.

  • CVE-2019-15151 · Aug 18, 2019
    risk 0.00 · cvss · epss 0.02

    AdPlug 2.3.1 has a double free in the Cu6mPlayer class in u6m.h.

  • CVE-2018-16425 · Med · Sep 4, 2018
    risk 0.00 · cvss 6.6 · epss 0.01

    A double free when handling responses from an HSM Card in sc_pkcs15emu_sc_hsm_init in libopensc/pkcs15-sc-hsm.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified…

  • CVE-2018-16424 · Med · Sep 4, 2018
    risk 0.00 · cvss 6.6 · epss 0.01

    A double free when handling responses in read_file in tools/egk-tool.c (aka the eGK card tool) in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.