VulnerableCode Package Details - pkg:deb/debian/libxpm@1:3.5.7-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-2er3-yqx2-kkha Aliases: CVE-2023-43788	Out-of-bounds Read A vulnerability was found in libXpm due to a boundary condition within the `XpmCreateXpmImageFromBuffer()` function. This flaw allows a local to trigger an out-of-bounds read error and read the contents of memory on the system.	1:3.5.12-1.1+deb11u1 Affected by 0 other vulnerabilities.
VCID-9dvt-v4ar-sfbn Aliases: CVE-2016-10164	An integer overflow in libXpm might allow remote attackers to execute arbitrary code or cause a Denial of Service Condition.	1:3.5.12-0+deb8u1 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 1:3.5.12-1 Affected by 5 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-n7q9-a364-6uc2 Aliases: CVE-2022-44617	Loop with Unreachable Exit Condition ('Infinite Loop') A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library.	1:3.5.12-1.1+deb11u1 Affected by 0 other vulnerabilities.
VCID-ps42-12hh-37fh Aliases: CVE-2023-43789	Out-of-bounds Read A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system.	1:3.5.12-1.1+deb11u1 Affected by 0 other vulnerabilities.
VCID-r9ag-ykhs-h3cz Aliases: CVE-2022-46285	Loop with Unreachable Exit Condition ('Infinite Loop') A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library.	1:3.5.12-1.1+deb11u1 Affected by 0 other vulnerabilities.
VCID-xq3s-t6bh-pydz Aliases: CVE-2022-4883	Untrusted Search Path A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH environment variable.	1:3.5.12-1.1+deb11u1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-2er3-yqx2-kkha
Aliases:
CVE-2023-43788

Out-of-bounds Read A vulnerability was found in libXpm due to a boundary condition within the `XpmCreateXpmImageFromBuffer()` function. This flaw allows a local to trigger an out-of-bounds read error and read the contents of memory on the system.

1:3.5.12-1.1+deb11u1
Affected by 0 other vulnerabilities.

VCID-9dvt-v4ar-sfbn
Aliases:
CVE-2016-10164

An integer overflow in libXpm might allow remote attackers to execute arbitrary code or cause a Denial of Service Condition.

1:3.5.12-0+deb8u1
Affected by 6 other vulnerabilities.

1:3.5.12-1
Affected by 5 other vulnerabilities.

VCID-n7q9-a364-6uc2
Aliases:
CVE-2022-44617

Loop with Unreachable Exit Condition ('Infinite Loop') A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library.

1:3.5.12-1.1+deb11u1
Affected by 0 other vulnerabilities.

VCID-ps42-12hh-37fh
Aliases:
CVE-2023-43789

Out-of-bounds Read A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system.

1:3.5.12-1.1+deb11u1
Affected by 0 other vulnerabilities.

VCID-r9ag-ykhs-h3cz
Aliases:
CVE-2022-46285

Loop with Unreachable Exit Condition ('Infinite Loop') A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library.

1:3.5.12-1.1+deb11u1
Affected by 0 other vulnerabilities.

VCID-xq3s-t6bh-pydz
Aliases:
CVE-2022-4883

Untrusted Search Path A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH environment variable.

1:3.5.12-1.1+deb11u1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T21:54:42.377133+00:00	Debian Oval Importer	Affected by	VCID-xq3s-t6bh-pydz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:35:04.261282+00:00	Debian Oval Importer	Affected by	VCID-ps42-12hh-37fh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T19:43:49.469749+00:00	Debian Oval Importer	Affected by	VCID-r9ag-ykhs-h3cz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T19:39:08.046583+00:00	Debian Oval Importer	Affected by	VCID-n7q9-a364-6uc2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:51:41.724413+00:00	Debian Oval Importer	Affected by	VCID-2er3-yqx2-kkha	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:33:53.521033+00:00	Debian Oval Importer	Affected by	VCID-9dvt-v4ar-sfbn	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T13:30:54.567179+00:00	Debian Oval Importer	Affected by	VCID-9dvt-v4ar-sfbn	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.4.0
2026-04-11T21:33:06.227201+00:00	Debian Oval Importer	Affected by	VCID-xq3s-t6bh-pydz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:14:04.467150+00:00	Debian Oval Importer	Affected by	VCID-ps42-12hh-37fh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T19:26:17.649001+00:00	Debian Oval Importer	Affected by	VCID-r9ag-ykhs-h3cz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T19:21:45.690622+00:00	Debian Oval Importer	Affected by	VCID-n7q9-a364-6uc2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:37:39.902740+00:00	Debian Oval Importer	Affected by	VCID-2er3-yqx2-kkha	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:20:13.345760+00:00	Debian Oval Importer	Affected by	VCID-9dvt-v4ar-sfbn	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T13:19:35.304094+00:00	Debian Oval Importer	Affected by	VCID-9dvt-v4ar-sfbn	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.3.0
2026-04-08T21:11:19.751816+00:00	Debian Oval Importer	Affected by	VCID-xq3s-t6bh-pydz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:53:00.018487+00:00	Debian Oval Importer	Affected by	VCID-ps42-12hh-37fh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:09:51.214251+00:00	Debian Oval Importer	Affected by	VCID-r9ag-ykhs-h3cz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:05:29.042092+00:00	Debian Oval Importer	Affected by	VCID-n7q9-a364-6uc2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:25:07.370515+00:00	Debian Oval Importer	Affected by	VCID-2er3-yqx2-kkha	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:08:40.327436+00:00	Debian Oval Importer	Affected by	VCID-9dvt-v4ar-sfbn	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-07T21:55:31.657599+00:00	Debian Oval Importer	Affected by	VCID-9dvt-v4ar-sfbn	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.1.0