CWE-369
AllowedDivide By Zero
Abstraction: Base · Status: Draft
The product divides a value by zero.
579 vulnerabilities reference this CWE, most recent first.
GHSA-6H77-2HC9-QM3W
Vulnerability from github – Published: 2023-08-08 18:30 – Updated: 2024-06-10 18:30A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
{
"affected": [],
"aliases": [
"CVE-2023-20588"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-08-08T18:15:11Z",
"severity": "MODERATE"
},
"details": "\nA division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.\u00a0\n\n\n\n\n\n\n\n",
"id": "GHSA-6h77-2hc9-qm3w",
"modified": "2024-06-10T18:30:49Z",
"published": "2023-08-08T18:30:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-20588"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGZCACEHT6ZZZGG36QQMGROBM4FLWYJX"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DIOYP4ZOBML4RCUM3MHRFZUQL445MZM3"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJTUVYZMP6BNF342DS3W7XGOGXC6JPN5"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20240531-0005"
},
{
"type": "WEB",
"url": "https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7007"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2023/dsa-5480"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2023/dsa-5492"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/09/25/3"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/09/25/4"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/09/25/5"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/09/25/7"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/09/25/8"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/09/26/5"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/09/26/8"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/09/26/9"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/09/27/1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/12"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/13"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/14"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/15"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/16"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/10/03/9"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/10/04/1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/10/04/2"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/10/04/3"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2023/10/04/4"
},
{
"type": "WEB",
"url": "http://xenbits.xen.org/xsa/advisory-439.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-6HPV-V2RX-C5G6
Vulnerability from github – Published: 2021-11-10 19:02 – Updated: 2024-11-07 22:19Impact
The implementations for convolution operators trigger a division by 0 if passed empty filter tensor arguments.
Patches
We have patched the issue in GitHub commit f2c3931113eaafe9ef558faaddd48e00a6606235.
The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by members of the Aivul Team from Qihoo 360.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.6.0"
},
{
"fixed": "2.6.1"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "2.5.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-41209"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": true,
"github_reviewed_at": "2021-11-08T22:36:05Z",
"nvd_published_at": "2021-11-05T22:15:00Z",
"severity": "MODERATE"
},
"details": "### Impact\nThe [implementations for convolution operators](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/conv_ops.cc) trigger a division by 0 if passed empty filter tensor arguments.\n\n### Patches\nWe have patched the issue in GitHub commit [f2c3931113eaafe9ef558faaddd48e00a6606235](https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235).\n \nThe fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.",
"id": "GHSA-6hpv-v2rx-c5g6",
"modified": "2024-11-07T22:19:55Z",
"published": "2021-11-10T19:02:17Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hpv-v2rx-c5g6"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41209"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-618.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-816.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-401.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/tensorflow/tensorflow"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "FPE in convolutions with zero size filters"
}
GHSA-6JJ7-2576-P556
Vulnerability from github – Published: 2026-01-28 21:31 – Updated: 2026-01-29 21:30A floating point exception (FPE) in the oneflow.view component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
{
"affected": [],
"aliases": [
"CVE-2025-71005"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-01-28T21:16:09Z",
"severity": "MODERATE"
},
"details": "A floating point exception (FPE) in the oneflow.view component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.",
"id": "GHSA-6jj7-2576-p556",
"modified": "2026-01-29T21:30:30Z",
"published": "2026-01-28T21:31:24Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-71005"
},
{
"type": "WEB",
"url": "https://github.com/Oneflow-Inc/oneflow/issues/10654"
},
{
"type": "WEB",
"url": "https://github.com/Daisy2ang"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6JJ7-XF98-RXHG
Vulnerability from github – Published: 2026-06-01 00:30 – Updated: 2026-06-01 00:30A vulnerability was determined in Assimp up to 6.0.4. This vulnerability affects the function FBXExporter::WriteObjects of the file FBXExporter.cpp of the component UV Channel Handler. Executing a manipulation can lead to divide by zero. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. Applying a patch is advised to resolve this issue. The project tagged the reported issue as bug.
{
"affected": [],
"aliases": [
"CVE-2026-10201"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-06-01T00:16:41Z",
"severity": "LOW"
},
"details": "A vulnerability was determined in Assimp up to 6.0.4. This vulnerability affects the function FBXExporter::WriteObjects of the file FBXExporter.cpp of the component UV Channel Handler. Executing a manipulation can lead to divide by zero. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. Applying a patch is advised to resolve this issue. The project tagged the reported issue as bug.",
"id": "GHSA-6jj7-xf98-rxhg",
"modified": "2026-06-01T00:30:22Z",
"published": "2026-06-01T00:30:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10201"
},
{
"type": "WEB",
"url": "https://github.com/assimp/assimp/issues/6613"
},
{
"type": "WEB",
"url": "https://github.com/assimp/assimp"
},
{
"type": "WEB",
"url": "https://github.com/user-attachments/files/27153727/poc.zip"
},
{
"type": "WEB",
"url": "https://vuldb.com/cve/CVE-2026-10201"
},
{
"type": "WEB",
"url": "https://vuldb.com/submit/821182"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/367481"
},
{
"type": "WEB",
"url": "https://vuldb.com/vuln/367481/cti"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-6Q3P-M444-94QP
Vulnerability from github – Published: 2025-03-21 15:31 – Updated: 2025-03-21 15:31A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as ab66a1674fcfac87aaba4c8b900b315ebc3e7dbd. It is recommended to apply a patch to fix this issue.
{
"affected": [],
"aliases": [
"CVE-2025-2591"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-21T14:15:16Z",
"severity": "MODERATE"
},
"details": "A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFile_Quake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is identified as ab66a1674fcfac87aaba4c8b900b315ebc3e7dbd. It is recommended to apply a patch to fix this issue.",
"id": "GHSA-6q3p-m444-94qp",
"modified": "2025-03-21T15:31:15Z",
"published": "2025-03-21T15:31:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2591"
},
{
"type": "WEB",
"url": "https://github.com/assimp/assimp/issues/6009"
},
{
"type": "WEB",
"url": "https://github.com/assimp/assimp/issues/6009#issue-2877367021"
},
{
"type": "WEB",
"url": "https://github.com/assimp/assimp/pull/6047"
},
{
"type": "WEB",
"url": "https://github.com/assimp/assimp/pull/6047/commits/ab66a1674fcfac87aaba4c8b900b315ebc3e7dbd"
},
{
"type": "WEB",
"url": "https://vuldb.com/?ctiid.300574"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.300574"
},
{
"type": "WEB",
"url": "https://vuldb.com/?submit.517781"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-6Q5H-Q7W3-MF7C
Vulnerability from github – Published: 2022-05-04 00:28 – Updated: 2025-04-11 03:57The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.
{
"affected": [],
"aliases": [
"CVE-2012-0207"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2012-05-17T11:00:00Z",
"severity": "HIGH"
},
"details": "The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.",
"id": "GHSA-6q5h-q7w3-mf7c",
"modified": "2025-04-11T03:57:43Z",
"published": "2022-05-04T00:28:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2012-0207"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/25c413ad0029ea86008234be28aee33456e53e5b"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/a8c1f65c79cbbb2f7da782d4c9d15639a9b94b27"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=772867"
},
{
"type": "WEB",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=654876"
},
{
"type": "WEB",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=a8c1f65c79cbbb2f7da782d4c9d15639a9b94b27"
},
{
"type": "WEB",
"url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=a8c1f65c79cbbb2f7da782d4c9d15639a9b94b27"
},
{
"type": "WEB",
"url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.1"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2012/01/10/5"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6V2F-3V36-M3VQ
Vulnerability from github – Published: 2022-05-14 01:30 – Updated: 2022-05-14 01:30In libdoc through 2019-01-28, calcFileBlockOffset in ole.c allows division by zero.
{
"affected": [],
"aliases": [
"CVE-2019-7156"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-01-29T08:29:00Z",
"severity": "MODERATE"
},
"details": "In libdoc through 2019-01-28, calcFileBlockOffset in ole.c allows division by zero.",
"id": "GHSA-6v2f-3v36-m3vq",
"modified": "2022-05-14T01:30:36Z",
"published": "2022-05-14T01:30:36Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7156"
},
{
"type": "WEB",
"url": "https://github.com/uvoteam/libdoc/issues/5"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/106813"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6V49-9GJ6-JWWC
Vulnerability from github – Published: 2022-05-13 01:13 – Updated: 2025-04-20 03:49The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings.
{
"affected": [],
"aliases": [
"CVE-2017-17381"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-12-07T02:29:00Z",
"severity": "MODERATE"
},
"details": "The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service (divide-by-zero error and QEMU process crash) by unsetting vring alignment while updating Virtio rings.",
"id": "GHSA-6v49-9gj6-jwwc",
"modified": "2025-04-20T03:49:36Z",
"published": "2022-05-13T01:13:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17381"
},
{
"type": "WEB",
"url": "https://lists.gnu.org/archive/html/qemu-devel/2017-12/msg00166.html"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3575-1"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4213"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2017/12/05/2"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/102059"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6W33-G59H-852H
Vulnerability from github – Published: 2023-06-03 00:30 – Updated: 2024-04-04 04:31An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf's text extraction code.
This is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.
{
"affected": [],
"aliases": [
"CVE-2023-3044"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-02T23:15:09Z",
"severity": "LOW"
},
"details": "An excessively large PDF page size (found in fuzz testing, unlikely in normal PDF files) can result in a divide-by-zero in Xpdf\u0027s text extraction code.\n\n\n\n\nThis is related to CVE-2022-30524, but the problem here is caused by a very large page size, rather than by a very large character coordinate.\n\n\n",
"id": "GHSA-6w33-g59h-852h",
"modified": "2024-04-04T04:31:06Z",
"published": "2023-06-03T00:30:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3044"
},
{
"type": "WEB",
"url": "https://github.com/baker221/poc-xpdf"
},
{
"type": "WEB",
"url": "https://www.xpdfreader.com/security-bug/CVE-2023-3044.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
GHSA-6XX8-4XH5-JH9W
Vulnerability from github – Published: 2022-05-24 19:08 – Updated: 2022-05-24 19:08A Divide-by-zero vulnerability exists in JasPer Image Coding Toolkit 2.0 in jasper/src/libjasper/jpc/jpc_enc.c
{
"affected": [],
"aliases": [
"CVE-2021-27845"
],
"database_specific": {
"cwe_ids": [
"CWE-369"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-07-15T16:15:00Z",
"severity": "MODERATE"
},
"details": "A Divide-by-zero vulnerability exists in JasPer Image Coding Toolkit 2.0 in jasper/src/libjasper/jpc/jpc_enc.c",
"id": "GHSA-6xx8-4xh5-jh9w",
"modified": "2022-05-24T19:08:11Z",
"published": "2022-05-24T19:08:11Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-27845"
},
{
"type": "WEB",
"url": "https://github.com/jasper-software/jasper/issues/194"
}
],
"schema_version": "1.4.0",
"severity": []
}
No mitigation information available for this CWE.
No CAPEC attack patterns related to this CWE.