CVE-2020-37239
Published: 16 May 2026
Summary
CVE-2020-37239 is a critical-severity Double Free (CWE-415) vulnerability in Gegl (inferred from references). Its CVSS base score is 9.3 (Critical).
Operationally, ranked at the 36.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2020-31239
Vulnerability details
libbabl 0.1.62 contains a broken double free detection vulnerability that allows attackers to bypass memory safety checks by exploiting signature overwriting in freed chunks. Attackers can call babl_free() twice on the same pointer without triggering detection, as libc's malloc metadata…
more
overwrites babl's signature field upon freeing, enabling potential memory corruption and code execution.
- CWE(s)
Related Threats
CVEs Like This One
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.