614 matches found
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: libXpm: libXpm-3.5.17-7.2.hum1 aarch64, x8664 libXpm-devel-3.5.17-7.2.hum1 aarch64, x8664 libXpm-3.5.17-7.2.hum1.src src Security Fixes: libXpm: CVE-2026-4367...
Astra Linux – Vulnerability in libxpm
A flaw was discovered in libXpm. When processing files with the .Z or .gz extensions, the library calls external programs to compress and uncompress files. This process relies on the PATH environment variable to locate these programs. This vulnerability could allow a malicious user to execute oth...
Astra Linux – Vulnerability in libxpm
A flaw was discovered in libXpm. When processing a file with a width of 0 and a very large height, some parser functions will be called repeatedly, which can lead to an infinite loop. This, in turn, can cause a Denial of Service in the application that uses the library...
Astra Linux – Vulnerability in libxpm
A flaw was discovered in libXpm. This issue occurs when parsing a file with a comment that is not closed properly; the “end-of-file” condition will not be detected, leading to an infinite loop and causing a Denial of Service in the application that uses the library...
Astra Linux – Vulnerability in libxpm
A vulnerability was discovered in libXpm, where a boundary condition allows a local user to trigger an out-of-bounds read error, thereby reading contents of memory on the system...
openSUSE 16 Security Update : libXpm (openSUSE-SU-2026:20953-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20953-1 advisory. This update for libXpm fixes the following issue: - CVE-2026-4367: out-of-bounds read in xpmNextWord bsc1260928. Tenable has extracted the preceding...
CVE-2026-4367
A flaw was found in libXpm. A local user with low privileges could exploit an Out-of-Bounds Read vulnerability in the xpmNextWord function by processing a specially crafted or very small XPM X PixMap image file. This improper validation of file boundaries can cause an internal pointer to read...
CVE-2026-4367 Libxpm: libxpm: denial of service via out-of-bounds read in xpm file parsing
A flaw was found in libXpm. A local user with low privileges could exploit an Out-of-Bounds Read vulnerability in the xpmNextWord function by processing a specially crafted or very small XPM X PixMap image file. This improper validation of file boundaries can cause an internal pointer to read...
CVE-2026-4367 Libxpm: libxpm: denial of service via out-of-bounds read in xpm file parsing
A flaw was found in libXpm. A local user with low privileges could exploit an Out-of-Bounds Read vulnerability in the xpmNextWord function by processing a specially crafted or very small XPM X PixMap image file. This improper validation of file boundaries can cause an internal pointer to read...
CVE-2026-4367
A flaw was found in libXpm. A local user with low privileges could exploit an Out-of-Bounds Read vulnerability in the xpmNextWord function by processing a specially crafted or very small XPM X PixMap image file. This improper validation of file boundaries can cause an internal pointer to read...
MGASA-2026-0186 Updated libxpm packages fix security vulnerability
libXpm Out-of-bounds read in xpmNextWord. CVE-2026-4367...
Amazon Linux 2023 : libXpm, libXpm-devel (ALAS2023-2026-1656)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1656 advisory. As per upstream advisory: libXpm Out-of-bounds read in xpmNextWord CVE-2026-4367 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Ness...
Amazon Linux 2 : libXpm, --advisory ALAS2-2026-3291 (ALAS-2026-3291)
The version of libXpm installed on the remote host is prior to 3.5.12-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3291 advisory. As per upstream advisory: libXpm Out-of-bounds read in xpmNextWord CVE-2026-4367 Tenable has extracted the preceding description...
Medium: libXpm
Issue Overview: As per upstream advisory: libXpm Out-of-bounds read in xpmNextWord CVE-2026-4367 Affected Packages: libXpm Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correctio...
libXpm vulnerable to out-of-bounds read
Overview libXpm provided by X.Org Foundation incorrectly handles malformed XPM files, leading to an out-of-bounds read vulnerability. Out-of-bounds read CWE-125 - CVE-2026-4367 Naoki Wakamatsu reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...
JLSEC-2026-283
A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library...
JLSEC-2026-285
A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH...
JLSEC-2026-287
A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system...
libXpm-devel-3.5.18-2.1 on GA media (moderate)
libXpm-devel-3.5.18-2.1 on GA media Announcement ID: openSUSE-SU-2026:10608-1 Rating: moderate Cross-References: CVE-2026-4367 CVSS scores: CVE-2026-4367 SUSE : 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2026-4367 SUSE : 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:...
OPENSUSE-SU-2026:10608-1 libXpm-devel-3.5.18-2.1 on GA media
These are all security issues fixed in the libXpm-devel-3.5.18-2.1 package on the GA media of openSUSE Tumbleweed...