Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-369 (除零错误) — Vulnerability Class 132

132 vulnerabilities classified as CWE-369 (除零错误). AI Chinese analysis included.

CWE-369, Divide By Zero, is a logical weakness where a software product attempts to divide a value by zero, causing a runtime error or application crash. This flaw typically arises when unexpected user input or internal state errors bypass validation checks, particularly in calculations involving physical dimensions like length or width. Exploitation often results in denial of service, as the resulting exception disrupts normal program flow and may expose sensitive stack traces to attackers. To mitigate this risk, developers must implement robust input validation to ensure divisor values are non-zero before arithmetic operations. Additionally, employing defensive programming techniques, such as explicit error handling blocks and boundary checks, allows the application to gracefully manage invalid inputs. By rigorously testing edge cases and enforcing strict data integrity constraints, engineers can prevent these arithmetic anomalies from compromising system stability and security.

MITRE CWE Description
The product divides a value by zero. This weakness typically occurs when an unexpected value is provided to the product, or if an error occurs that is not properly detected. It frequently occurs in calculations involving physical dimensions such as size, length, width, and height.
Common Consequences (1)
AvailabilityDoS: Crash, Exit, or Restart
A Divide by Zero results in a crash.
Examples (2)
The following Java example contains a function to compute an average but does not validate that the input value used as the denominator is not zero. This will create an exception for attempting to divide by zero. If this error is not handled by Java exception handling, unexpected results can occur.
public int computeAverageResponseTime (int totalTime, int numRequests) { return totalTime / numRequests; }
Bad · Java
public int computeAverageResponseTime (int totalTime, int numRequests) throws ArithmeticException { if (numRequests == 0) { System.out.println("Division by zero attempted!"); throw ArithmeticException; } return totalTime / numRequests; }
Good · Java
The following C/C++ example contains a function that divides two numeric values without verifying that the input value used as the denominator is not zero. This will create an error for attempting to divide by zero, if this error is not caught by the error handling capabilities of the language, unexpected results can occur.
double divide(double x, double y){ return x/y; }
Bad · C
const int DivideByZero = 10; double divide(double x, double y){ if ( 0 == y ){ throw DivideByZero; } return x/y; } ... try{ divide(10, 0); } catch( int i ){ if(i==DivideByZero) { cerr<<"Divide by zero error"; } }
Good · C
CVE IDTitleCVSSSeverityPublished
CVE-2021-33652 Huawei MindSpore Community 数字错误漏洞 — openEuler:mindspore 7.5 -2022-06-27
CVE-2021-3941 ILM OpenEXR 数字错误漏洞 — openexr 6.2 -2022-03-25
CVE-2021-42391 Yandex ClickHouse 数字错误漏洞 — clickhouse 6.5 -2022-03-14
CVE-2021-42390 Yandex ClickHouse 数字错误漏洞 — clickhouse 6.5 -2022-03-14
CVE-2021-42389 Yandex ClickHouse 数字错误漏洞 — clickhouse 6.5 -2022-03-14
CVE-2022-0856 libcaca 数字错误漏洞 — libcaca 6.5 -2022-03-08
CVE-2022-23557 Division by zero in TFLite — tensorflow 6.5 Medium2022-02-04
CVE-2021-41218 Integer division by 0 in `tf.raw_ops.AllToAll` — tensorflow 5.5 Medium2021-11-05
CVE-2021-41207 Division by zero in `ParallelConcat` — tensorflow 5.5 Medium2021-11-05
CVE-2021-41209 FPE in convolutions with zero size filters — tensorflow 5.5 Medium2021-11-05
CVE-2021-37683 Division by zero in TensorFlow Lite division operations — tensorflow 5.5 Medium2021-08-12
CVE-2021-37684 Division by zero in TensorFlow Lite pooling operations — tensorflow 5.5 Medium2021-08-12
CVE-2021-37668 Division by zero in TensorFlow Lite `tf.raw_ops.UnravelIndex` — tensorflow 5.5 Medium2021-08-12
CVE-2021-37691 Division by zero in LSH in TensorFlow Lite — tensorflow 5.5 Medium2021-08-12
CVE-2021-37680 Division by zero in TFLite in TensorFlow — tensorflow 5.5 Medium2021-08-12
CVE-2021-37675 Division by 0 in most convolution operators in TensorFlow — tensorflow 5.5 Medium2021-08-12
CVE-2021-37660 Division by 0 in inplace operations in TensorFlow — tensorflow 5.5 Medium2021-08-12
CVE-2021-37653 Division by 0 in `ResourceGather` in TensorFlow — tensorflow 5.5 Medium2021-08-12
CVE-2021-37642 Division by 0 in `ResourceScatterDiv` in TensorFlow — tensorflow 5.5 Medium2021-08-12
CVE-2021-37640 Integer division by 0 in sparse reshaping in TensorFlow — tensorflow 5.5 Medium2021-08-12
CVE-2021-37636 Floating point exception in `SparseDenseCwiseDiv` in TensorFlow — tensorflow 5.5 Medium2021-08-12
CVE-2021-34335 Denial of service due to FPE in Exiv2::Internal::resolveLens0xffff — exiv2 4.7 Medium2021-08-09
CVE-2021-29517 Division by zero in `Conv3D` — tensorflow 2.5 Low2021-05-14
CVE-2021-29522 Division by 0 in `Conv3DBackprop*` — tensorflow 2.5 Low2021-05-14
CVE-2021-29524 Division by 0 in `Conv2DBackpropFilter` — tensorflow 2.5 Low2021-05-14
CVE-2021-29585 Division by zero in padding computation in TFLite — tensorflow 2.5 Low2021-05-14
CVE-2021-29586 Division by zero in optimized pooling implementations in TFLite — tensorflow 2.5 Low2021-05-14
CVE-2021-29587 Division by zero in TFLite's implementation of `SpaceToDepth` — tensorflow 2.5 Low2021-05-14
CVE-2021-29588 Division by zero in TFLite's implementation of `TransposeConv` — tensorflow 2.5 Low2021-05-14
CVE-2021-29589 Division by zero in TFLite's implementation of `GatherNd` — tensorflow 2.5 Low2021-05-14

Vulnerabilities classified as CWE-369 (除零错误) represent 132 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.