Common Weakness Enumeration

CWE-369

Allowed

Divide By Zero

Abstraction: Base · Status: Draft

The product divides a value by zero.

579 vulnerabilities reference this CWE, most recent first.

GHSA-HH7P-PQ2Q-6P59

Vulnerability from github – Published: 2023-12-26 15:30 – Updated: 2024-01-05 18:30
VLAI
Details

A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in functon compute_color() of jquant2.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-51107"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-12-26T15:15:08Z",
    "severity": "HIGH"
  },
  "details": "A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in functon compute_color() of jquant2.c.",
  "id": "GHSA-hh7p-pq2q-6p59",
  "modified": "2024-01-05T18:30:24Z",
  "published": "2023-12-26T15:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-51107"
    },
    {
      "type": "WEB",
      "url": "https://github.com/dongyuma/sox-defects/blob/main/mupdf-defects.md"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HHX4-XMF9-97G5

Vulnerability from github – Published: 2023-08-25 21:30 – Updated: 2025-11-04 00:30
VLAI
Details

Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-2906"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-25T21:15:07Z",
    "severity": "MODERATE"
  },
  "details": "Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack.",
  "id": "GHSA-hhx4-xmf9-97g5",
  "modified": "2025-11-04T00:30:39Z",
  "published": "2023-08-25T21:30:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2906"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.com/wireshark/wireshark/-/issues/19229"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00049.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HCUPLDY7HLPO46PHMGIJSUBJFTT237C"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L4AVRUYSHDNEAJILVSGY5W6MPOMG2YRF"
    },
    {
      "type": "WEB",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TRKHFQPWFU7F3OXTL6IEIQSJG6FVXZTZ"
    },
    {
      "type": "WEB",
      "url": "https://takeonme.org/cves/CVE-2023-2906.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HMWC-5F9Q-3986

Vulnerability from github – Published: 2022-05-14 01:44 – Updated: 2022-05-14 01:44
VLAI
Details

A type confusion error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a division by zero.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-5804"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-12-07T22:29:00Z",
    "severity": "MODERATE"
  },
  "details": "A type confusion error within the \"identify()\" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a division by zero.",
  "id": "GHSA-hmwc-5f9q-3986",
  "modified": "2022-05-14T01:44:34Z",
  "published": "2022-05-14T01:44:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5804"
    },
    {
      "type": "WEB",
      "url": "https://github.com/LibRaw/LibRaw/commit/9f26ce37f5be86ea11bfc6831366558650b1f6ff"
    },
    {
      "type": "WEB",
      "url": "https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt"
    },
    {
      "type": "WEB",
      "url": "https://secuniaresearch.flexerasoftware.com/advisories/81000"
    },
    {
      "type": "WEB",
      "url": "https://secuniaresearch.flexerasoftware.com/secunia_research/2018-3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HP4C-X6R7-6555

Vulnerability from github – Published: 2021-08-25 14:44 – Updated: 2024-11-13 16:35
VLAI
Summary
Floating point exception in `SparseDenseCwiseDiv`
Details

Impact

The implementation of tf.raw_ops.SparseDenseCwiseDiv is vulnerable to a division by 0 error:

import tensorflow as tf
import numpy as np

tf.raw_ops.SparseDenseCwiseDiv( 
  sp_indices=np.array([[4]]),
  sp_values=np.array([-400]),
  sp_shape=np.array([647.]),
  dense=np.array([0]))

The implementation uses a common class for all binary operations but fails to treat the division by 0 case separately.

Patches

We have patched the issue in GitHub commit d9204be9f49520cdaaeb2541d1dc5187b23f31d9.

The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.

For more information

Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.

Attribution

This vulnerability has been reported by members of the Aivul Team from Qihoo 360.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.3.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0"
            },
            {
              "fixed": "2.4.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.5.0"
            },
            {
              "fixed": "2.5.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2.5.0"
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.3.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0"
            },
            {
              "fixed": "2.4.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-cpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.5.0"
            },
            {
              "fixed": "2.5.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2.5.0"
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.3.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.4.0"
            },
            {
              "fixed": "2.4.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "tensorflow-gpu"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "2.5.0"
            },
            {
              "fixed": "2.5.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "2.5.0"
      ]
    }
  ],
  "aliases": [
    "CVE-2021-37636"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-08-23T17:57:14Z",
    "nvd_published_at": "2021-08-12T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nThe implementation of `tf.raw_ops.SparseDenseCwiseDiv` is vulnerable to a division by 0 error:\n\n```python\nimport tensorflow as tf\nimport numpy as np\n\ntf.raw_ops.SparseDenseCwiseDiv( \n  sp_indices=np.array([[4]]),\n  sp_values=np.array([-400]),\n  sp_shape=np.array([647.]),\n  dense=np.array([0]))\n```\n\nThe [implementation](https://github.com/tensorflow/tensorflow/blob/a1bc56203f21a5a4995311825ffaba7a670d7747/tensorflow/core/kernels/sparse_dense_binary_op_shared.cc#L56) uses a common class for all binary operations but fails to treat the division by 0 case separately.\n\n### Patches\nWe have patched the issue in GitHub commit [d9204be9f49520cdaaeb2541d1dc5187b23f31d9](https://github.com/tensorflow/tensorflow/commit/d9204be9f49520cdaaeb2541d1dc5187b23f31d9).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.",
  "id": "GHSA-hp4c-x6r7-6555",
  "modified": "2024-11-13T16:35:32Z",
  "published": "2021-08-25T14:44:14Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hp4c-x6r7-6555"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-37636"
    },
    {
      "type": "WEB",
      "url": "https://github.com/tensorflow/tensorflow/commit/d9204be9f49520cdaaeb2541d1dc5187b23f31d9"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-549.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-747.yaml"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-258.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/tensorflow/tensorflow"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Floating point exception in `SparseDenseCwiseDiv`"
}

GHSA-HPQQ-HRXQ-VC4X

Vulnerability from github – Published: 2025-06-20 21:32 – Updated: 2025-06-26 18:31
VLAI
Details

An issue in redoxOS kernel before commit 5d41cd7c allows a local attacker to cause a denial of service via the setitimer syscall

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-46158"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-06-20T18:15:28Z",
    "severity": "MODERATE"
  },
  "details": "An issue in redoxOS kernel before commit 5d41cd7c allows a local attacker to cause a denial of service via the `setitimer` syscall",
  "id": "GHSA-hpqq-hrxq-vc4x",
  "modified": "2025-06-26T18:31:24Z",
  "published": "2025-06-20T21:32:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46158"
    },
    {
      "type": "WEB",
      "url": "https://github.com/Marsman1996/pocs/tree/master/redox/CVE-2025-46158"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.redox-os.org/redox-os/kernel/-/issues/164"
    },
    {
      "type": "WEB",
      "url": "https://gitlab.redox-os.org/redox-os/kernel/-/merge_requests/386"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HV6G-HV36-GG9F

Vulnerability from github – Published: 2023-08-22 21:30 – Updated: 2024-04-04 07:06
VLAI
Details

An issue was discovered with ImageMagick 7.1.0-4 via Division by zero in function ReadEnhMetaFile of coders/emf.c.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-40211"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-22T19:16:21Z",
    "severity": "HIGH"
  },
  "details": "An issue was discovered with ImageMagick 7.1.0-4 via Division by zero in function ReadEnhMetaFile of coders/emf.c.",
  "id": "GHSA-hv6g-hv36-gg9f",
  "modified": "2024-04-04T07:06:45Z",
  "published": "2023-08-22T21:30:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-40211"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ImageMagick/ImageMagick/issues/4097"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HW8P-X386-RR5F

Vulnerability from github – Published: 2024-05-19 12:30 – Updated: 2026-05-12 12:31
VLAI
Details

In the Linux kernel, the following vulnerability has been resolved:

fbmon: prevent division by zero in fb_videomode_from_videomode()

The expression htotal * vtotal can have a zero value on overflow. It is necessary to prevent division by zero like in fb_var_to_videomode().

Found by Linux Verification Center (linuxtesting.org) with Svace.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-35922"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-19T11:15:48Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbmon: prevent division by zero in fb_videomode_from_videomode()\n\nThe expression htotal * vtotal can have a zero value on\noverflow. It is necessary to prevent division by zero like in\nfb_var_to_videomode().\n\nFound by Linux Verification Center (linuxtesting.org) with Svace.",
  "id": "GHSA-hw8p-x386-rr5f",
  "modified": "2026-05-12T12:31:49Z",
  "published": "2024-05-19T12:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-35922"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-265688.html"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1b107d637fed68a787da77a3514ad06e57abd0b4"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/1fb52bc1de55e9e0bdf71fe078efd4da0889710f"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3d4b909704bf2114f64f87363fa22b5ef8ac4a33"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/48d6bcfc31751ca2e753d901a2d82f27edf8a029"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/664206ff8b019bcd1e55b10b2eea3add8761b971"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/72d091b7515e0532ee015e144c906f3bcfdd6270"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/951838fee462aa01fa2a6a91d56f9a495082e7f0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c2d953276b8b27459baed1277a4fdd5dd9bd4126"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HXCJ-JVXX-W9VP

Vulnerability from github – Published: 2022-05-14 00:57 – Updated: 2022-05-14 00:57
VLAI
Details

An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2019-10023"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-03-25T00:29:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpMod case.",
  "id": "GHSA-hxcj-jvxx-w9vp",
  "modified": "2022-05-14T00:57:27Z",
  "published": "2022-05-14T00:57:26Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10023"
    },
    {
      "type": "WEB",
      "url": "https://forum.xpdfreader.com/viewtopic.php?f=3\u0026t=41276"
    },
    {
      "type": "WEB",
      "url": "https://usn.ubuntu.com/4042-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-HXFW-JM98-V4MQ

Vulnerability from github – Published: 2021-10-12 22:21 – Updated: 2021-11-18 15:27
VLAI
Summary
Divide By Zero in OpenCV.
Details

An issue was discovered in OpenCV 4.1.0 (OpenCV-Python 4.1.0.25). There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp.

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.1.0.25"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "opencv-python"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.1.1.26"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.1.0.25"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "opencv-python-headless"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.1.1.26"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.1.0.25"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "opencv-contrib-python"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.1.1.26"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 4.1.0.25"
      },
      "package": {
        "ecosystem": "PyPI",
        "name": "opencv-contrib-python-headless"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.1.1.26"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2019-15939"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2021-10-06T20:35:29Z",
    "nvd_published_at": "2019-09-05T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "An issue was discovered in OpenCV 4.1.0 (OpenCV-Python 4.1.0.25). There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in modules/objdetect/src/hog.cpp.",
  "id": "GHSA-hxfw-jm98-v4mq",
  "modified": "2021-11-18T15:27:49Z",
  "published": "2021-10-12T22:21:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15939"
    },
    {
      "type": "WEB",
      "url": "https://github.com/OpenCV/opencv/issues/15287"
    },
    {
      "type": "WEB",
      "url": "https://github.com/opencv/opencv/pull/15382"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/opencv/opencv-python"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00025.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Divide By Zero in OpenCV."
}

GHSA-J49C-JWHF-PGWQ

Vulnerability from github – Published: 2023-05-31 00:31 – Updated: 2024-04-04 04:24
VLAI
Details

Fox-IT DataDiode (aka Fox DataDiode) 3.4.3 suffers from a Divide-by-Zero vulnerability in the packet parser. A remote attacker could leverage this vulnerability to cause a denial-of-service. Exploitation of this issue does not require user interaction.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-47525"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-05-31T00:15:09Z",
    "severity": "HIGH"
  },
  "details": "Fox-IT DataDiode (aka Fox DataDiode) 3.4.3 suffers from a Divide-by-Zero vulnerability in the packet parser. A remote attacker could leverage this vulnerability to cause a denial-of-service. Exploitation of this issue does not require user interaction.",
  "id": "GHSA-j49c-jwhf-pgwq",
  "modified": "2024-04-04T04:24:29Z",
  "published": "2023-05-31T00:31:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-47525"
    },
    {
      "type": "WEB",
      "url": "https://www.fox-it.com/nl-en/fox-crypto/fox-datadiode"
    },
    {
      "type": "WEB",
      "url": "https://www.fox-it.com/nl-en/software-vulnerability-report"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.