Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-dwpw-gbyx-9bcm
Vulnerability ID VCID-dwpw-gbyx-9bcm
Aliases CVE-2022-44617
Summary Loop with Unreachable Exit Condition ('Infinite Loop') A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2022-44617
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2022-44617
https://bugzilla.redhat.com/show_bug.cgi?id=2160193
https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/f80fa6ae47ad4a5beacb28
https://gitlab.freedesktop.org/xorg/lib/libxpm/-/merge_requests/9
https://lists.debian.org/debian-lts-announce/2023/06/msg00021.html
https://lists.x.org/archives/xorg-announce/2023-January/003312.html
CVE-2022-44617 https://nvd.nist.gov/vuln/detail/CVE-2022-44617
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.22268
EPSS Score 0.00073
Published At May 30, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-30T20:59:41.163738+00:00 GitLab Importer Import https://gitlab.com/gitlab-org/advisories-community/-/blob/main/conan/libxpm/CVE-2022-44617.yml 38.6.0