{"id":"CVE-2021-39432","details":"diplib v3.0.0 is vulnerable to Double Free.","aliases":["GHSA-xf2w-5673-h6ww"],"modified":"2026-04-11T18:45:18.517529Z","published":"2022-11-04T17:15:10.627Z","references":[{"type":"FIX","url":"https://github.com/DIPlib/diplib/commit/8b9a2670ce66ff2fd5addf592f7825e1f5adb5b5"},{"type":"FIX","url":"https://github.com/DIPlib/diplib/issues/80"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/diplib/diplib","events":[{"introduced":"0"},{"last_affected":"27e95c10cb44ba998383212c94a25980fa57f2f0"},{"fixed":"8b9a2670ce66ff2fd5addf592f7825e1f5adb5b5"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"3.0.0"}]}}],"versions":["3.0.0","3.0b1","3.0b6","3.0b7","3.0b8","3.0b9"],"database_specific":{"vanir_signatures_modified":"2026-04-11T18:45:18Z","vanir_signatures":[{"target":{"file":"src/file_io/jpeg.cpp","function":"ImageIsJPEG"},"signature_type":"Function","digest":{"length":119,"function_hash":"83490827964155217515379705173253907202"},"id":"CVE-2021-39432-1406dca2","source":"https://github.com/diplib/diplib/commit/8b9a2670ce66ff2fd5addf592f7825e1f5adb5b5","signature_version":"v1","deprecated":false},{"target":{"file":"src/file_io/jpeg.cpp","function":"my_output_message"},"signature_type":"Function","digest":{"length":28,"function_hash":"243241260315654151173211410925035820757"},"id":"CVE-2021-39432-2c4d11a5","source":"https://github.com/diplib/diplib/commit/8b9a2670ce66ff2fd5addf592f7825e1f5adb5b5","signature_version":"v1","deprecated":false},{"target":{"file":"src/file_io/jpeg.cpp"},"signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["307093585223059876243949993842020419237","213918286086901748630130120512279191417","127438574911359873256276749702913212806","266031146604289177604022654002505291643","188110980394523854240603224434202601822","203655243321960774202747934346858955386","78963847569468254196502650793799333451","311858908310379328526683805193534726747","90264765585534404984924664023114708765","134675409545675987515784124987045105607","14246657187542001278304022308422682206","237515670238772098599753964990280952038","68612719738957570325069712312950197879","203528951007989501693345336784016736457","68316557206867067130145383217354255770","39859313928335123441048572340849992319","248405464847739358907217838461909844850","314567760654388793645695349690576661088","165934154627457196202383778130672672007","37109216028897721495217615670431947414","6967138074194139843586084766589782991","115994136735710044151209675025494969005","259698637047949783166091925057982801434","93992576115084794256324962586516565476","328265193643711718689045041342829390549","113620968811748865698847559637254984788","265505022028618385981579637970815163904","252047169844152963481334671425122788321","179954758048410493943007578827114469336","37109216028897721495217615670431947414","320164766077356825437576761450851148910","209956320334064486728229592300047839647","116706388079740770338539863878480930124","69873752466547823354608750809429661439","207290965839841343661322750331204720899","143235642341198531143162689449607745540","161839451692009923731588769456327219426","70291665340305187853085342592179807421","333893170064854402476432715361409598564","152669794407870637350813183348798635463","87148567243545523265368661834160680087","161795103807365788166112230950979990546","19828854805437118987654966461201644491","322290803271226476448897396253332378249","281543038339572698398655435312981561137","67505873904883985009656499861576931467","87551588268932975612375950862276057553","78569763208727590202195685921899858649","328145805365955663231501040978532747931","275253443844817160801193813786227259509","327824688462796587068078848391730102203","297998240146060876141336198471474886280","72358556693470776892603184180595795380","79138448860654315031078110056315857447","142873309462957296614837362971607958356","331602242581974391335874897813256014386","251131782341945127634607069668299665375","278298427518328593298632331176149665369"]},"id":"CVE-2021-39432-4dbd74af","source":"https://github.com/diplib/diplib/commit/8b9a2670ce66ff2fd5addf592f7825e1f5adb5b5","signature_version":"v1","deprecated":false},{"target":{"file":"src/file_io/jpeg.cpp","function":"ImageWriteJPEG"},"signature_type":"Function","digest":{"length":1727,"function_hash":"46005576459476626954262609481947706286"},"id":"CVE-2021-39432-5173b895","source":"https://github.com/diplib/diplib/commit/8b9a2670ce66ff2fd5addf592f7825e1f5adb5b5","signature_version":"v1","deprecated":false},{"target":{"file":"src/file_io/jpeg.cpp","function":"ImageReadJPEGInfo"},"signature_type":"Function","digest":{"length":108,"function_hash":"303157456341350425279875235960940869324"},"id":"CVE-2021-39432-52e008b9","source":"https://github.com/diplib/diplib/commit/8b9a2670ce66ff2fd5addf592f7825e1f5adb5b5","signature_version":"v1","deprecated":false},{"target":{"file":"src/file_io/jpeg.cpp","function":"my_error_exit"},"signature_type":"Function","digest":{"length":132,"function_hash":"28652815022033226845974953294381037204"},"id":"CVE-2021-39432-a9c1a8a9","source":"https://github.com/diplib/diplib/commit/8b9a2670ce66ff2fd5addf592f7825e1f5adb5b5","signature_version":"v1","deprecated":false},{"target":{"file":"src/file_io/jpeg.cpp","function":"ImageReadJPEG"},"signature_type":"Function","digest":{"length":1203,"function_hash":"327741914196318659842280981761297817393"},"id":"CVE-2021-39432-e5f64a10","source":"https://github.com/diplib/diplib/commit/8b9a2670ce66ff2fd5addf592f7825e1f5adb5b5","signature_version":"v1","deprecated":false}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-39432.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}