Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-46285

A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library.

Published

2023-02-07T19:15:09.147

Last Modified

2025-03-25T15:15:16.490

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
CWE-835

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	x.org	libxpm	< 3.5.15	Yes

References

http://www.openwall.com/lists/oss-security/2023/10/03/1 ([email protected])
http://www.openwall.com/lists/oss-security/2023/10/03/10 ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=2160092 Issue Tracking, Patch, Third Party Advisory ([email protected])
https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/a3a7c6dcc3b629d7650148 ([email protected])
https://gitlab.freedesktop.org/xorg/lib/libxpm/-/merge_requests/9 ([email protected])
https://lists.debian.org/debian-lts-announce/2023/06/msg00021.html ([email protected])
https://lists.x.org/archives/xorg-announce/2023-January/003312.html ([email protected])
http://www.openwall.com/lists/oss-security/2023/10/03/1 (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2023/10/03/10 (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=2160092 Issue Tracking, Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/a3a7c6dcc3b629d7650148 (af854a3a-2127-422b-91ae-364da2661108)
https://gitlab.freedesktop.org/xorg/lib/libxpm/-/merge_requests/9 (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2023/06/msg00021.html (af854a3a-2127-422b-91ae-364da2661108)
https://lists.x.org/archives/xorg-announce/2023-January/003312.html (af854a3a-2127-422b-91ae-364da2661108)