CVE-2021-3943204.11.2022, 17:15diplib v3.0.0 is vulnerable to Double Free.EnginsightProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVectorNISTNIST6.5 MEDIUMNETWORKLOWNONECVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HmitreCNA------CVEADP------CISA-ADPADP6.5 MEDIUMNETWORKLOWNONECVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HBase ScoreCVSS 3.xEPSS ScorePercentile: 44%VendorProductVersiondiplibdiplib3.0.0𝑥= Vulnerable software versionsKnown Exploits!https://github.com/DIPlib/diplib/issues/80https://github.com/DIPlib/diplib/issues/80Common Weakness EnumerationCWE-415 - Double FreeThe product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.CWE-416 - Use After FreeReferencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.Referenceshttps://github.com/DIPlib/diplib/commit/8b9a2670ce66ff2fd5addf592f7825e1f5adb5b5https://github.com/DIPlib/diplib/issues/80https://github.com/DIPlib/diplib/commit/8b9a2670ce66ff2fd5addf592f7825e1f5adb5b5https://github.com/DIPlib/diplib/issues/80