GCVE - cpe:2.3:a:n/a:libxpm:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:libxpm:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	N/A (`22f567d3-1203-528c-8f0e-3eb9c2f6ca78`)
Product	Libxpm (`5b14ad3f-5abf-520d-908a-2fb391753701`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-4883`	vulnerable	2026-06-08 05:52:00.537287	Details available A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH environment variable. Published: 2023-02-07T00:00:00.000Z Updated: 2025-03-20T19:45:33.470Z Open on db.gcve.eu Reference links https://bugzilla.redhat.com/show_bug.cgi?id=2160213 https://gitlab.freedesktop.org/xorg/lib/libxpm/-/merge_requests/9 https://lists.x.org/archives/xorg-announce/2023-January/003312.html https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/515294bb8023a45ff91669 https://lists.debian.org/debian-lts-announce/2023/06/msg00021.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-46285`	vulnerable	2026-06-08 05:50:38.487695	Details available A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library. Published: 2023-02-07T00:00:00.000Z Updated: 2025-03-25T14:43:37.619Z Open on db.gcve.eu Reference links https://bugzilla.redhat.com/show_bug.cgi?id=2160092 https://gitlab.freedesktop.org/xorg/lib/libxpm/-/merge_requests/9 https://lists.x.org/archives/xorg-announce/2023-January/003312.html https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/a3a7c6dcc3b629d7650148 https://lists.debian.org/debian-lts-announce/2023/06/msg00021.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-44617`	vulnerable	2026-06-08 05:49:35.890525	Details available A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library. Published: 2023-02-06T00:00:00.000Z Updated: 2025-03-25T20:05:14.184Z Open on db.gcve.eu Reference links https://bugzilla.redhat.com/show_bug.cgi?id=2160193 https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/f80fa6ae47ad4a5beacb28 https://gitlab.freedesktop.org/xorg/lib/libxpm/-/merge_requests/9 https://lists.x.org/archives/xorg-announce/2023-January/003312.html https://lists.debian.org/debian-lts-announce/2023/06/msg00021.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.