Divide By Zero The advisory has been revoked - it doesn't affect any version of package libcaca0 (opens in a new tab)

Threat Intelligence

0.21% (60^th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk IDSNYK-SLES154-LIBCACA0-2807141
published30 Apr 2022
disclosed29 Apr 2022

Report a new vulnerability Found a mistake?

Introduced: 29 Apr 2022

CVE-2022-0856 (opens in a new tab) CWE-369 (opens in a new tab)

Amendment

The SLES security team deemed this advisory irrelevant for SLES:15.4.

NVD Description

Note: Versions mentioned in the description apply only to the upstream libcaca0 package and not the libcaca0 package as distributed by SLES.

libcaca is affected by a Divide By Zero issue via img2txt, which allows a remote malicious user to cause a Denial of Service

References

https://www.suse.com/security/cve/CVE-2022-0856.html
https://bugzilla.suse.com/1197028
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B3E5GF2LSX2ZEY5JZNM7HXJMLHMY436X/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GTDRPVX3HCYLQCLMQ6NNSRC3B7L6WGUM/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MFOFTTMHO666HB3TVHBMCES6GCKG5PPG/
https://github.com/cacalabs/libcaca/issues/65
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B3E5GF2LSX2ZEY5JZNM7HXJMLHMY436X/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTDRPVX3HCYLQCLMQ6NNSRC3B7L6WGUM/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MFOFTTMHO666HB3TVHBMCES6GCKG5PPG/