Carter Yagemann

#8268of 53,633
33.2Total CVSS
Vulnerabilities · 4
High
3
Critical
1
PT-2026-41439
9.8
2026-05-16
Canonical · Babl · CVE-2020-37239
**Name of the Vulnerable Software and Affected Versions** libbabl version 0.1.62 **Description** An issue exists where double free detection is broken, allowing attackers to bypass memory safety checks by exploiting signature overwriting in freed chunks. By calling the `babl free()` function twice on the same pointer, detection is not triggered because libc's malloc metadata overwrites the signature field of babl upon freeing. This can lead to memory corruption and potential code execution. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-11632
7.8
2022-05-24
Halibut · Halibut · CVE-2021-42612
**Name of the Vulnerable Software and Affected Versions** Halibut version 1.2 **Description** A use after free in `cleanup index` in `index.c` allows an attacker to cause a segmentation fault or possibly have other unspecified impact via a crafted text document. **Recommendations** For Halibut version 1.2, as a temporary workaround, consider disabling the `cleanup index` function in `index.c` until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-11633
7.8
2022-05-24
Halibut · Halibut · CVE-2021-42613
**Name of the Vulnerable Software and Affected Versions** Halibut version 1.2 **Description** A double free in `cleanup index` in `index.c` allows an attacker to cause a denial of service or possibly have other unspecified impact via a crafted text document. **Recommendations** For Halibut version 1.2, consider disabling the `cleanup index` function in `index.c` as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2022-11634
7.8
2022-05-24
Halibut · Halibut · CVE-2021-42614
**Name of the Vulnerable Software and Affected Versions** Halibut version 1.2 **Description** A use after free in `info width internal` in `bk info.c` allows an attacker to cause a segmentation fault or possibly have unspecified other impact via a crafted text document. **Recommendations** For Halibut version 1.2, consider disabling the `info width internal` function in `bk info.c` as a temporary workaround until a patch is available.