Lucene search

K
cvelistRedhatCVELIST:CVE-2022-4883
HistoryFeb 07, 2023 - 12:00 a.m.

CVE-2022-4883

2023-02-0700:00:00
CWE-426
redhat
www.cve.org

8.9 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.1%

A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH environment variable.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "libXpm",
    "versions": [
      {
        "version": "3.5.15",
        "status": "affected"
      }
    ]
  }
]