A vulnerability has been found in Mapnik up to 4.2.0. This vulnerability affects the function mapnik::detail::mod<...>::operator of the file src/value.cpp. The manipulation leads to divide by zero. The attack needs to be performed locally. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
PUBLISHED5.2CWE-369CWE-404
Mapnik value.cpp operator divide by zero
Problem type
Affected products
Mapnik
4.0 - AFFECTED
4.1 - AFFECTED
4.2.0 - AFFECTED
References
VDB-344502 | Mapnik value.cpp operator divide by zero
https://vuldb.com/?id.344502
VDB-344502 | CTI Indicators (IOB, IOC, IOA)
https://vuldb.com/?ctiid.344502
Submit #743386 | mapnik Mapnik v4.2.0 and master branch Divide By Zero
https://vuldb.com/?submit.743386
github.com
https://github.com/mapnik/mapnik/issues/4545
github.com
https://github.com/oneafter/1219/blob/main/repro
github.com
https://github.com/mapnik/mapnik/
GitHub Security Advisories
GHSA-4r58-h5cf-8qgj
A vulnerability has been found in Mapnik up to 4.2.0. This vulnerability affects the function...
https://github.com/advisories/GHSA-4r58-h5cf-8qgjA vulnerability has been found in Mapnik up to 4.2.0. This vulnerability affects the function mapnik::detail::mod<...>::operator of the file src/value.cpp. The manipulation leads to divide by zero. The attack needs to be performed locally. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
nvd.nist.gov
https://nvd.nist.gov/vuln/detail/CVE-2025-15564
github.com
https://github.com/mapnik/mapnik/issues/4545
github.com
https://github.com/mapnik/mapnik
github.com
https://github.com/oneafter/1219/blob/main/repro
vuldb.com
https://vuldb.com/?ctiid.344502
vuldb.com
https://vuldb.com/?id.344502
vuldb.com
https://vuldb.com/?submit.743386
github.com
https://github.com/advisories/GHSA-4r58-h5cf-8qgj
JSON source
https://cveawg.mitre.org/api/cve/CVE-2025-15564Click to expand
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2025-15564",
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"dateUpdated": "2026-02-07T21:32:07.437Z",
"dateReserved": "2026-02-05T13:47:17.458Z",
"datePublished": "2026-02-07T21:32:07.437Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB",
"dateUpdated": "2026-02-07T21:32:07.437Z"
},
"title": "Mapnik value.cpp operator divide by zero",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in Mapnik up to 4.2.0. This vulnerability affects the function mapnik::detail::mod<...>::operator of the file src/value.cpp. The manipulation leads to divide by zero. The attack needs to be performed locally. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet."
}
],
"affected": [
{
"vendor": "n/a",
"product": "Mapnik",
"versions": [
{
"version": "4.0",
"status": "affected"
},
{
"version": "4.1",
"status": "affected"
},
{
"version": "4.2.0",
"status": "affected"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "Divide By Zero",
"cweId": "CWE-369",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"lang": "en",
"description": "Denial of Service",
"cweId": "CWE-404",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://vuldb.com/?id.344502",
"name": "VDB-344502 | Mapnik value.cpp operator divide by zero",
"tags": [
"vdb-entry",
"technical-description"
]
},
{
"url": "https://vuldb.com/?ctiid.344502",
"name": "VDB-344502 | CTI Indicators (IOB, IOC, IOA)",
"tags": [
"signature",
"permissions-required"
]
},
{
"url": "https://vuldb.com/?submit.743386",
"name": "Submit #743386 | mapnik Mapnik v4.2.0 and master branch Divide By Zero",
"tags": [
"third-party-advisory"
]
},
{
"url": "https://github.com/mapnik/mapnik/issues/4545",
"tags": [
"issue-tracking"
]
},
{
"url": "https://github.com/oneafter/1219/blob/main/repro",
"tags": [
"exploit"
]
},
{
"url": "https://github.com/mapnik/mapnik/",
"tags": [
"product"
]
}
],
"metrics": [
{},
{
"cvssV3_1": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
"baseScore": 3.3,
"baseSeverity": "LOW"
}
},
{
"cvssV3_0": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R",
"baseScore": 3.3,
"baseSeverity": "LOW"
}
},
{
"cvssV2_0": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P/E:POC/RL:ND/RC:UR",
"baseScore": 1.7
}
}
],
"timeline": [
{
"time": "2026-02-05T00:00:00.000Z",
"lang": "en",
"value": "Advisory disclosed"
},
{
"time": "2026-02-05T01:00:00.000Z",
"lang": "en",
"value": "VulDB entry created"
},
{
"time": "2026-02-05T14:52:26.000Z",
"lang": "en",
"value": "VulDB entry last update"
}
],
"credits": [
{
"lang": "en",
"value": "Oneafter (VulDB User)",
"type": "reporter"
}
]
}
}
}