CVE-2021-32280
- Source
- https://cve.org/CVERecord?id=CVE-2021-32280
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-32280.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2021-32280
- Downstream
- Related
- Published
- 2021-09-20T16:15:10.463Z
- Modified
- 2026-02-24T01:35:59.773504Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in fig2dev before 3.2.8.. A NULL pointer dereference exists in the function computeclosedspline() located in trans_spline.c. It allows an attacker to cause Denial of Service. The fixed version of fig2dev is 3.2.8.
- References
-
- https://lists.debian.org/debian-lts-announce/2021/10/msg00002.html
- https://lists.debian.org/debian-lts-announce/2023/01/msg00044.html
- https://sourceforge.net/p/mcj/tickets/107/
- https://sourceforge.net/p/mcj/tickets/107/
- https://sourceforge.net/p/mcj/fig2dev/ci/f17a3b8a7d54c1bc56ab92512531772a0b3ec991/
- https://sourceforge.net/p/mcj/tickets/107/
- https://lists.debian.org/debian-lts-announce/2021/10/msg00002.html
- https://lists.debian.org/debian-lts-announce/2023/01/msg00044.html
- https://sourceforge.net/p/mcj/tickets/107/
Affected packages
Git / github.com/netflix/zuul
Affected ranges
- Type
- GIT
- Repo
- https://github.com/netflix/zuul
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
v1.*
v1.0.28
v1.0.29-rc.1
v1.0.29-rc.2
v1.0.29-rc.3
v2.*
v2.0.0-rc.1
v2.0.0-rc.2
v2.1.0
v2.1.1
v2.1.2
v2.1.3
v2.1.4
v2.1.5
v2.1.6
v2.1.7
v2.1.8
v2.1.9
v2.2.0
v2.3.0
v2.4.0
v2.5.0
v2.5.1
v2.5.10
v2.5.11
v2.5.12
v2.5.13
v2.5.14
v2.5.2
v2.5.3
v2.5.4
v2.5.5
v2.5.6
v2.5.7
v2.5.8
v2.5.9
v2.6.0
v2.6.1
v2.6.2
v2.6.3
v2.6.4
v2.6.6
v2.6.7
v2.6.8
v2.6.9
v3.*
v3.0.0
v3.0.1
v3.0.10
v3.0.11
v3.0.2
v3.0.3
v3.0.4
v3.0.5
v3.0.6
v3.0.7
v3.0.8
v3.0.9
v3.1.0
v3.1.1
v3.1.2
v3.1.3
v3.1.4
v3.1.5
v3.1.6
v3.1.7
v3.1.8
v3.2.0
v3.2.1
v3.2.2
v3.2.3
v3.2.4
v3.2.5
v3.2.6
v3.2.7
zuul-1.*
zuul-1.0.0
zuul-1.0.1
zuul-1.0.10
zuul-1.0.11
zuul-1.0.12
zuul-1.0.13
zuul-1.0.14
zuul-1.0.15
zuul-1.0.16
zuul-1.0.17
zuul-1.0.18
zuul-1.0.2
zuul-1.0.20
zuul-1.0.21
zuul-1.0.22
zuul-1.0.23
zuul-1.0.24
zuul-1.0.25
zuul-1.0.26
zuul-1.0.27
zuul-1.0.28
zuul-1.0.3
zuul-1.0.4
zuul-1.0.5
zuul-1.0.6
zuul-1.0.7
zuul-1.0.8
zuul-1.0.9
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-32280.json"
vanir_signatures
[
{
"digest": {
"line_hashes": [
"254831503825206930343270062971236146880",
"147481520493371015609162332058098282749",
"54585351453337840126831279119880274521",
"54505231448836352550938676986794627909",
"136613387273910334287666634112919487526",
"188043087099384739809348517053244697100",
"15747546206841609760196802103852027907"
],
"threshold": 0.9
},
"id": "CVE-2021-32280-452d7f3a",
"source": "https://github.com/netflix/zuul/commit/87c3b740a07736c605e9f14ae21b185fdbb80f9c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "zuul-core/src/main/java/com/netflix/zuul/context/SessionContext.java"
},
"signature_type": "Line"
},
{
"digest": {
"length": 222.0,
"function_hash": "42403284191541497575558032379508712639"
},
"id": "CVE-2021-32280-c2fa4621",
"source": "https://github.com/netflix/zuul/commit/87c3b740a07736c605e9f14ae21b185fdbb80f9c",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "zuul-core/src/main/java/com/netflix/zuul/context/SessionContext.java",
"function": "SessionContext"
},
"signature_type": "Function"
}
]