CVE-2022-0856

MEDIUM

Libcaca - Divide By Zero

Title source: rule

Description

libcaca is affected by a Divide By Zero issue via img2txt, which allows a remote malicious user to cause a Denial of Service

References (4)

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GTDRPVX3HCYLQCLMQ6NNSRC3B7L6WGUM/

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B3E5GF2LSX2ZEY5JZNM7HXJMLHMY436X/

[Mailing List, Third Party Advisory] https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MFOFTTMHO666HB3TVHBMCES6GCKG5PPG/

[Exploit, Issue Tracking, Third Party Advisory] https://github.com/cacalabs/libcaca/issues/65

Scores

CVSS v3 6.5

EPSS 0.0390

EPSS Percentile 88.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

CWE

CWE-369

Status published

Products (3)

fedoraproject/fedora 37

fedoraproject/fedora 38

libcaca_project/libcaca 0.99 beta20

Published Mar 10, 2022

Tracked Since Feb 18, 2026