Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-369 (除零错误) — Vulnerability Class 132

132 vulnerabilities classified as CWE-369 (除零错误). AI Chinese analysis included.

CWE-369, Divide By Zero, is a logical weakness where a software product attempts to divide a value by zero, causing a runtime error or application crash. This flaw typically arises when unexpected user input or internal state errors bypass validation checks, particularly in calculations involving physical dimensions like length or width. Exploitation often results in denial of service, as the resulting exception disrupts normal program flow and may expose sensitive stack traces to attackers. To mitigate this risk, developers must implement robust input validation to ensure divisor values are non-zero before arithmetic operations. Additionally, employing defensive programming techniques, such as explicit error handling blocks and boundary checks, allows the application to gracefully manage invalid inputs. By rigorously testing edge cases and enforcing strict data integrity constraints, engineers can prevent these arithmetic anomalies from compromising system stability and security.

MITRE CWE Description
The product divides a value by zero. This weakness typically occurs when an unexpected value is provided to the product, or if an error occurs that is not properly detected. It frequently occurs in calculations involving physical dimensions such as size, length, width, and height.
Common Consequences (1)
AvailabilityDoS: Crash, Exit, or Restart
A Divide by Zero results in a crash.
Examples (2)
The following Java example contains a function to compute an average but does not validate that the input value used as the denominator is not zero. This will create an exception for attempting to divide by zero. If this error is not handled by Java exception handling, unexpected results can occur.
public int computeAverageResponseTime (int totalTime, int numRequests) { return totalTime / numRequests; }
Bad · Java
public int computeAverageResponseTime (int totalTime, int numRequests) throws ArithmeticException { if (numRequests == 0) { System.out.println("Division by zero attempted!"); throw ArithmeticException; } return totalTime / numRequests; }
Good · Java
The following C/C++ example contains a function that divides two numeric values without verifying that the input value used as the denominator is not zero. This will create an error for attempting to divide by zero, if this error is not caught by the error handling capabilities of the language, unexpected results can occur.
double divide(double x, double y){ return x/y; }
Bad · C
const int DivideByZero = 10; double divide(double x, double y){ if ( 0 == y ){ throw DivideByZero; } return x/y; } ... try{ divide(10, 0); } catch( int i ){ if(i==DivideByZero) { cerr<<"Divide by zero error"; } }
Good · C
CVE IDTitleCVSSSeverityPublished
CVE-2021-29593 Division by zero in TFLite's implementation of `BatchToSpaceNd` — tensorflow 2.5 Low2021-05-14
CVE-2021-29594 Division by zero in TFLite's convolution code — tensorflow 2.5 Low2021-05-14
CVE-2021-29595 Division by zero in TFLite's implementation of `DepthToSpace` — tensorflow 2.5 Low2021-05-14
CVE-2021-29596 Division by zero in TFLite's implementation of `EmbeddingLookup` — tensorflow 2.5 Low2021-05-14
CVE-2021-29597 Division by zero in TFLite's implementation of `SpaceToBatchNd` — tensorflow 2.5 Low2021-05-14
CVE-2021-29598 Division by zero in TFLite's implementation of `SVDF` — tensorflow 2.5 Low2021-05-14
CVE-2021-29599 Division by zero in TFLite's implementation of `Split` — tensorflow 2.5 Low2021-05-14
CVE-2021-29600 Division by zero in TFLite's implementation of `OneHot` — tensorflow 2.5 Low2021-05-14
CVE-2021-29602 Division by zero in TFLite's implementation of `DepthwiseConv` — tensorflow 2.5 Low2021-05-14
CVE-2021-29604 Division by zero in TFLite's implementation of hashtable lookup — tensorflow 2.5 Low2021-05-14
CVE-2021-29555 Division by 0 in `FusedBatchNorm` — tensorflow 2.5 Low2021-05-14
CVE-2021-29556 Division by 0 in `Reverse` — tensorflow 2.5 Low2021-05-14
CVE-2021-29557 Division by 0 in `SparseMatMul` — tensorflow 2.5 Low2021-05-14
CVE-2021-29573 Division by 0 in `MaxPoolGradWithArgmax` — tensorflow 2.5 Low2021-05-14
CVE-2021-29525 Division by 0 in `Conv2DBackpropInput` — tensorflow 2.5 Low2021-05-14
CVE-2021-29526 Division by 0 in `Conv2D` — tensorflow 2.5 Low2021-05-14
CVE-2021-29527 Division by 0 in `QuantizedConv2D` — tensorflow 2.5 Low2021-05-14
CVE-2021-29528 Division by 0 in `QuantizedMul` — tensorflow 2.5 Low2021-05-14
CVE-2021-29538 Division by zero in `Conv2DBackpropFilter` — tensorflow 2.5 Low2021-05-14
CVE-2021-29546 Division by 0 in `QuantizedBiasAdd` — tensorflow 2.5 Low2021-05-14
CVE-2021-29548 Division by 0 in `QuantizedBatchNormWithGlobalNormalization` — tensorflow 2.5 Low2021-05-14
CVE-2021-29549 Division by 0 in `QuantizedAdd` — tensorflow 2.5 Low2021-05-14
CVE-2021-29550 Division by 0 in `FractionalAvgPool` — tensorflow 2.5 Low2021-05-14
CVE-2021-29554 Division by 0 in `DenseCountSparseOutput` — tensorflow 2.5 Low2021-05-14
CVE-2021-20311 Imagemagick Studio ImageMagick 数字错误漏洞 — ImageMagick 7.5 -2021-05-11
CVE-2021-20310 Imagemagick Studio ImageMagick 数字错误漏洞 — ImageMagick 7.5 -2021-05-11
CVE-2021-20309 Imagemagick Studio ImageMagick 数字错误漏洞 — ImagemMagick 7.5 -2021-05-11
CVE-2021-25675 Siemens SIMATIC 数字错误漏洞 — SIMATIC S7-PLCSIM V5.4 5.5 -2021-03-15
CVE-2021-20241 ImageMagick Studio ImageMagick 数字错误漏洞 — ImageMagick 5.5 -2021-03-09
CVE-2021-20243 ImageMagick Studio ImageMagick 数字错误漏洞 — ImageMagick 5.5 -2021-03-09

Vulnerabilities classified as CWE-369 (除零错误) represent 132 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.