Lookup for vulnerable packages by Package URL.

Purl pkg:conan/libxpm@3.5.13
Type conan
Namespace
Name libxpm
Version 3.5.13
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 3.5.17
Latest_non_vulnerable_version 3.5.17
Affected_by_vulnerabilities
0
url VCID-2er3-yqx2-kkha
vulnerability_id VCID-2er3-yqx2-kkha
summary
Out-of-bounds Read
A vulnerability was found in libXpm due to a boundary condition within the `XpmCreateXpmImageFromBuffer()` function. This flaw allows a local attacker to trigger an out-of-bounds read error and read the contents of memory on the system.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-43788.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-43788.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-43788
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05795
published_at 2026-04-29T12:55:00Z
1
value 0.00021
scoring_system epss
scoring_elements 0.05717
published_at 2026-04-21T12:55:00Z
2
value 0.00021
scoring_system epss
scoring_elements 0.0575
published_at 2026-04-24T12:55:00Z
3
value 0.00021
scoring_system epss
scoring_elements 0.05787
published_at 2026-04-26T12:55:00Z
4
value 0.00023
scoring_system epss
scoring_elements 0.06034
published_at 2026-04-04T12:55:00Z
5
value 0.00023
scoring_system epss
scoring_elements 0.06018
published_at 2026-04-07T12:55:00Z
6
value 0.00023
scoring_system epss
scoring_elements 0.06057
published_at 2026-04-08T12:55:00Z
7
value 0.00023
scoring_system epss
scoring_elements 0.06096
published_at 2026-04-09T12:55:00Z
8
value 0.00023
scoring_system epss
scoring_elements 0.06086
published_at 2026-04-11T12:55:00Z
9
value 0.00023
scoring_system epss
scoring_elements 0.0608
published_at 2026-04-12T12:55:00Z
10
value 0.00023
scoring_system epss
scoring_elements 0.06072
published_at 2026-04-13T12:55:00Z
11
value 0.00023
scoring_system epss
scoring_elements 0.06037
published_at 2026-04-16T12:55:00Z
12
value 0.00023
scoring_system epss
scoring_elements 0.06045
published_at 2026-04-18T12:55:00Z
13
value 0.00023
scoring_system epss
scoring_elements 0.06
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-43788
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2242248
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T17:04:06Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2242248
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43788
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43788
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43789
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43789
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6FARGWN7VWXXWPXYNEEDJLRR3EWFZ3T/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6FARGWN7VWXXWPXYNEEDJLRR3EWFZ3T/
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
11
reference_url https://access.redhat.com/security/cve/CVE-2023-43788
reference_id CVE-2023-43788
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T17:04:06Z/
url https://access.redhat.com/security/cve/CVE-2023-43788
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-43788
reference_id CVE-2023-43788
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2023-43788
13
reference_url https://security.gentoo.org/glsa/202408-03
reference_id GLSA-202408-03
reference_type
scores
url https://security.gentoo.org/glsa/202408-03
14
reference_url https://access.redhat.com/errata/RHSA-2024:2146
reference_id RHSA-2024:2146
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T17:04:06Z/
url https://access.redhat.com/errata/RHSA-2024:2146
15
reference_url https://access.redhat.com/errata/RHSA-2024:2217
reference_id RHSA-2024:2217
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T17:04:06Z/
url https://access.redhat.com/errata/RHSA-2024:2217
16
reference_url https://access.redhat.com/errata/RHSA-2024:2974
reference_id RHSA-2024:2974
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T17:04:06Z/
url https://access.redhat.com/errata/RHSA-2024:2974
17
reference_url https://access.redhat.com/errata/RHSA-2024:3022
reference_id RHSA-2024:3022
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T17:04:06Z/
url https://access.redhat.com/errata/RHSA-2024:3022
18
reference_url https://usn.ubuntu.com/6408-1/
reference_id USN-6408-1
reference_type
scores
url https://usn.ubuntu.com/6408-1/
19
reference_url https://usn.ubuntu.com/6408-2/
reference_id USN-6408-2
reference_type
scores
url https://usn.ubuntu.com/6408-2/
fixed_packages
0
url pkg:conan/libxpm@3.5.17
purl pkg:conan/libxpm@3.5.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libxpm@3.5.17
aliases CVE-2023-43788
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2er3-yqx2-kkha
1
url VCID-n7q9-a364-6uc2
vulnerability_id VCID-n7q9-a364-6uc2
summary
Loop with Unreachable Exit Condition ('Infinite Loop')
A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44617.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44617.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-44617
reference_id
reference_type
scores
0
value 0.00073
scoring_system epss
scoring_elements 0.22297
published_at 2026-04-02T12:55:00Z
1
value 0.00073
scoring_system epss
scoring_elements 0.21964
published_at 2026-04-29T12:55:00Z
2
value 0.00073
scoring_system epss
scoring_elements 0.22341
published_at 2026-04-04T12:55:00Z
3
value 0.00073
scoring_system epss
scoring_elements 0.22126
published_at 2026-04-07T12:55:00Z
4
value 0.00073
scoring_system epss
scoring_elements 0.22208
published_at 2026-04-08T12:55:00Z
5
value 0.00073
scoring_system epss
scoring_elements 0.22263
published_at 2026-04-09T12:55:00Z
6
value 0.00073
scoring_system epss
scoring_elements 0.22282
published_at 2026-04-11T12:55:00Z
7
value 0.00073
scoring_system epss
scoring_elements 0.2224
published_at 2026-04-12T12:55:00Z
8
value 0.00073
scoring_system epss
scoring_elements 0.2218
published_at 2026-04-16T12:55:00Z
9
value 0.00073
scoring_system epss
scoring_elements 0.22175
published_at 2026-04-18T12:55:00Z
10
value 0.00073
scoring_system epss
scoring_elements 0.22129
published_at 2026-04-21T12:55:00Z
11
value 0.00073
scoring_system epss
scoring_elements 0.2199
published_at 2026-04-24T12:55:00Z
12
value 0.00073
scoring_system epss
scoring_elements 0.21977
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-44617
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2160193
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T20:01:52Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2160193
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44617
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44617
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/f80fa6ae47ad4a5beacb28
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T20:01:52Z/
url https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/f80fa6ae47ad4a5beacb28
6
reference_url https://gitlab.freedesktop.org/xorg/lib/libxpm/-/merge_requests/9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T20:01:52Z/
url https://gitlab.freedesktop.org/xorg/lib/libxpm/-/merge_requests/9
7
reference_url https://lists.debian.org/debian-lts-announce/2023/06/msg00021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T20:01:52Z/
url https://lists.debian.org/debian-lts-announce/2023/06/msg00021.html
8
reference_url https://lists.x.org/archives/xorg-announce/2023-January/003312.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T20:01:52Z/
url https://lists.x.org/archives/xorg-announce/2023-January/003312.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-44617
reference_id CVE-2022-44617
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-44617
10
reference_url https://security.gentoo.org/glsa/202408-03
reference_id GLSA-202408-03
reference_type
scores
url https://security.gentoo.org/glsa/202408-03
11
reference_url https://access.redhat.com/errata/RHSA-2023:0378
reference_id RHSA-2023:0378
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0378
12
reference_url https://access.redhat.com/errata/RHSA-2023:0379
reference_id RHSA-2023:0379
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0379
13
reference_url https://access.redhat.com/errata/RHSA-2023:0380
reference_id RHSA-2023:0380
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0380
14
reference_url https://access.redhat.com/errata/RHSA-2023:0381
reference_id RHSA-2023:0381
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0381
15
reference_url https://access.redhat.com/errata/RHSA-2023:0382
reference_id RHSA-2023:0382
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0382
16
reference_url https://access.redhat.com/errata/RHSA-2023:0383
reference_id RHSA-2023:0383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0383
17
reference_url https://access.redhat.com/errata/RHSA-2023:0384
reference_id RHSA-2023:0384
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0384
18
reference_url https://usn.ubuntu.com/5807-1/
reference_id USN-5807-1
reference_type
scores
url https://usn.ubuntu.com/5807-1/
19
reference_url https://usn.ubuntu.com/5807-2/
reference_id USN-5807-2
reference_type
scores
url https://usn.ubuntu.com/5807-2/
fixed_packages
0
url pkg:conan/libxpm@3.5.15
purl pkg:conan/libxpm@3.5.15
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libxpm@3.5.15
1
url pkg:conan/libxpm@3.5.17
purl pkg:conan/libxpm@3.5.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libxpm@3.5.17
aliases CVE-2022-44617
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n7q9-a364-6uc2
2
url VCID-r9ag-ykhs-h3cz
vulnerability_id VCID-r9ag-ykhs-h3cz
summary
Loop with Unreachable Exit Condition ('Infinite Loop')
A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46285.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46285.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-46285
reference_id
reference_type
scores
0
value 0.00103
scoring_system epss
scoring_elements 0.28336
published_at 2026-04-02T12:55:00Z
1
value 0.00103
scoring_system epss
scoring_elements 0.27858
published_at 2026-04-29T12:55:00Z
2
value 0.00103
scoring_system epss
scoring_elements 0.28379
published_at 2026-04-04T12:55:00Z
3
value 0.00103
scoring_system epss
scoring_elements 0.28169
published_at 2026-04-07T12:55:00Z
4
value 0.00103
scoring_system epss
scoring_elements 0.28234
published_at 2026-04-08T12:55:00Z
5
value 0.00103
scoring_system epss
scoring_elements 0.28277
published_at 2026-04-09T12:55:00Z
6
value 0.00103
scoring_system epss
scoring_elements 0.28282
published_at 2026-04-11T12:55:00Z
7
value 0.00103
scoring_system epss
scoring_elements 0.28238
published_at 2026-04-12T12:55:00Z
8
value 0.00103
scoring_system epss
scoring_elements 0.2818
published_at 2026-04-13T12:55:00Z
9
value 0.00103
scoring_system epss
scoring_elements 0.28193
published_at 2026-04-16T12:55:00Z
10
value 0.00103
scoring_system epss
scoring_elements 0.28176
published_at 2026-04-18T12:55:00Z
11
value 0.00103
scoring_system epss
scoring_elements 0.2813
published_at 2026-04-21T12:55:00Z
12
value 0.00103
scoring_system epss
scoring_elements 0.28047
published_at 2026-04-24T12:55:00Z
13
value 0.00103
scoring_system epss
scoring_elements 0.27935
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-46285
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2160092
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T14:43:21Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2160092
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46285
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46285
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/a3a7c6dcc3b629d7650148
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T14:43:21Z/
url https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/a3a7c6dcc3b629d7650148
6
reference_url https://gitlab.freedesktop.org/xorg/lib/libxpm/-/merge_requests/9
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T14:43:21Z/
url https://gitlab.freedesktop.org/xorg/lib/libxpm/-/merge_requests/9
7
reference_url https://lists.debian.org/debian-lts-announce/2023/06/msg00021.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T14:43:21Z/
url https://lists.debian.org/debian-lts-announce/2023/06/msg00021.html
8
reference_url https://lists.x.org/archives/xorg-announce/2023-January/003312.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T14:43:21Z/
url https://lists.x.org/archives/xorg-announce/2023-January/003312.html
9
reference_url http://www.openwall.com/lists/oss-security/2023/10/03/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T14:43:21Z/
url http://www.openwall.com/lists/oss-security/2023/10/03/1
10
reference_url http://www.openwall.com/lists/oss-security/2023/10/03/10
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-25T14:43:21Z/
url http://www.openwall.com/lists/oss-security/2023/10/03/10
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-46285
reference_id CVE-2022-46285
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-46285
12
reference_url https://security.gentoo.org/glsa/202408-03
reference_id GLSA-202408-03
reference_type
scores
url https://security.gentoo.org/glsa/202408-03
13
reference_url https://access.redhat.com/errata/RHSA-2023:0378
reference_id RHSA-2023:0378
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0378
14
reference_url https://access.redhat.com/errata/RHSA-2023:0379
reference_id RHSA-2023:0379
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0379
15
reference_url https://access.redhat.com/errata/RHSA-2023:0380
reference_id RHSA-2023:0380
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0380
16
reference_url https://access.redhat.com/errata/RHSA-2023:0381
reference_id RHSA-2023:0381
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0381
17
reference_url https://access.redhat.com/errata/RHSA-2023:0382
reference_id RHSA-2023:0382
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0382
18
reference_url https://access.redhat.com/errata/RHSA-2023:0383
reference_id RHSA-2023:0383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0383
19
reference_url https://access.redhat.com/errata/RHSA-2023:0384
reference_id RHSA-2023:0384
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0384
20
reference_url https://usn.ubuntu.com/5807-1/
reference_id USN-5807-1
reference_type
scores
url https://usn.ubuntu.com/5807-1/
21
reference_url https://usn.ubuntu.com/5807-2/
reference_id USN-5807-2
reference_type
scores
url https://usn.ubuntu.com/5807-2/
22
reference_url https://usn.ubuntu.com/5807-3/
reference_id USN-5807-3
reference_type
scores
url https://usn.ubuntu.com/5807-3/
fixed_packages
0
url pkg:conan/libxpm@3.5.15
purl pkg:conan/libxpm@3.5.15
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libxpm@3.5.15
1
url pkg:conan/libxpm@3.5.17
purl pkg:conan/libxpm@3.5.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libxpm@3.5.17
aliases CVE-2022-46285
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r9ag-ykhs-h3cz
3
url VCID-xq3s-t6bh-pydz
vulnerability_id VCID-xq3s-t6bh-pydz
summary
Untrusted Search Path
A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH environment variable.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4883.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4883.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-4883
reference_id
reference_type
scores
0
value 0.00184
scoring_system epss
scoring_elements 0.40146
published_at 2026-04-08T12:55:00Z
1
value 0.00184
scoring_system epss
scoring_elements 0.39785
published_at 2026-04-29T12:55:00Z
2
value 0.00184
scoring_system epss
scoring_elements 0.40172
published_at 2026-04-04T12:55:00Z
3
value 0.00184
scoring_system epss
scoring_elements 0.40093
published_at 2026-04-07T12:55:00Z
4
value 0.00184
scoring_system epss
scoring_elements 0.40159
published_at 2026-04-09T12:55:00Z
5
value 0.00184
scoring_system epss
scoring_elements 0.40169
published_at 2026-04-11T12:55:00Z
6
value 0.00184
scoring_system epss
scoring_elements 0.40131
published_at 2026-04-12T12:55:00Z
7
value 0.00184
scoring_system epss
scoring_elements 0.40112
published_at 2026-04-13T12:55:00Z
8
value 0.00184
scoring_system epss
scoring_elements 0.40162
published_at 2026-04-16T12:55:00Z
9
value 0.00184
scoring_system epss
scoring_elements 0.40132
published_at 2026-04-18T12:55:00Z
10
value 0.00184
scoring_system epss
scoring_elements 0.40053
published_at 2026-04-21T12:55:00Z
11
value 0.00184
scoring_system epss
scoring_elements 0.39882
published_at 2026-04-24T12:55:00Z
12
value 0.00184
scoring_system epss
scoring_elements 0.39866
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-4883
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2160213
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-20T19:44:09Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2160213
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4883
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4883
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/515294bb8023a45ff91669
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-20T19:44:09Z/
url https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/515294bb8023a45ff91669
6
reference_url https://gitlab.freedesktop.org/xorg/lib/libxpm/-/merge_requests/9
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-20T19:44:09Z/
url https://gitlab.freedesktop.org/xorg/lib/libxpm/-/merge_requests/9
7
reference_url https://lists.debian.org/debian-lts-announce/2023/06/msg00021.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-20T19:44:09Z/
url https://lists.debian.org/debian-lts-announce/2023/06/msg00021.html
8
reference_url https://lists.x.org/archives/xorg-announce/2023-January/003312.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-20T19:44:09Z/
url https://lists.x.org/archives/xorg-announce/2023-January/003312.html
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-4883
reference_id CVE-2022-4883
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-4883
10
reference_url https://security.gentoo.org/glsa/202408-03
reference_id GLSA-202408-03
reference_type
scores
url https://security.gentoo.org/glsa/202408-03
11
reference_url https://access.redhat.com/errata/RHSA-2023:0377
reference_id RHSA-2023:0377
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0377
12
reference_url https://access.redhat.com/errata/RHSA-2023:0378
reference_id RHSA-2023:0378
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0378
13
reference_url https://access.redhat.com/errata/RHSA-2023:0379
reference_id RHSA-2023:0379
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0379
14
reference_url https://access.redhat.com/errata/RHSA-2023:0380
reference_id RHSA-2023:0380
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0380
15
reference_url https://access.redhat.com/errata/RHSA-2023:0381
reference_id RHSA-2023:0381
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0381
16
reference_url https://access.redhat.com/errata/RHSA-2023:0382
reference_id RHSA-2023:0382
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0382
17
reference_url https://access.redhat.com/errata/RHSA-2023:0383
reference_id RHSA-2023:0383
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0383
18
reference_url https://access.redhat.com/errata/RHSA-2023:0384
reference_id RHSA-2023:0384
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0384
19
reference_url https://usn.ubuntu.com/5807-1/
reference_id USN-5807-1
reference_type
scores
url https://usn.ubuntu.com/5807-1/
20
reference_url https://usn.ubuntu.com/5807-2/
reference_id USN-5807-2
reference_type
scores
url https://usn.ubuntu.com/5807-2/
fixed_packages
0
url pkg:conan/libxpm@3.5.15
purl pkg:conan/libxpm@3.5.15
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libxpm@3.5.15
1
url pkg:conan/libxpm@3.5.17
purl pkg:conan/libxpm@3.5.17
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libxpm@3.5.17
aliases CVE-2022-4883
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xq3s-t6bh-pydz
Fixing_vulnerabilities
Risk_score 4.0
Resource_url http://public2.vulnerablecode.io/packages/pkg:conan/libxpm@3.5.13