VulnerableCode Package Details - pkg:rpm/redhat/libXpm@3.5.13-8?arch=el9

Search for packages

Vulnerability	Summary	Fixed by
VCID-n7q9-a364-6uc2 Aliases: CVE-2022-44617	Loop with Unreachable Exit Condition ('Infinite Loop') A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library.	There are no reported fixed by versions.
VCID-r9ag-ykhs-h3cz Aliases: CVE-2022-46285	Loop with Unreachable Exit Condition ('Infinite Loop') A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library.	There are no reported fixed by versions.
VCID-xq3s-t6bh-pydz Aliases: CVE-2022-4883	Untrusted Search Path A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH environment variable.	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-n7q9-a364-6uc2
Aliases:
CVE-2022-44617

Loop with Unreachable Exit Condition ('Infinite Loop') A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library.

There are no reported fixed by versions.

VCID-r9ag-ykhs-h3cz
Aliases:
CVE-2022-46285

Loop with Unreachable Exit Condition ('Infinite Loop') A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library.

There are no reported fixed by versions.

VCID-xq3s-t6bh-pydz
Aliases:
CVE-2022-4883

Untrusted Search Path A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH environment variable.

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T13:55:43.964075+00:00	RedHat Importer	Affected by	VCID-xq3s-t6bh-pydz	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4883.json	38.0.0
2026-04-01T13:55:43.768145+00:00	RedHat Importer	Affected by	VCID-n7q9-a364-6uc2	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44617.json	38.0.0
2026-04-01T13:55:43.599393+00:00	RedHat Importer	Affected by	VCID-r9ag-ykhs-h3cz	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46285.json	38.0.0