Astra Linux - уязвимость в libxpm

A flaw was discovered in libXpm. This issue occurs when parsing a file with a comment that is not closed properly; the “end-of-file” condition will not be detected, leading to an infinite loop and causing a Denial of Service in the application that uses the library...

Amazon Linux 2023 : libXpm, libXpm-devel (ALAS2023-2026-1656)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1656 advisory. As per upstream advisory: libXpm Out-of-bounds read in xpmNextWord CVE-2026-4367 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Ness...

Medium: libXpm

Issue Overview: As per upstream advisory: libXpm Out-of-bounds read in xpmNextWord CVE-2026-4367 Affected Packages: libXpm Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correctio...

Amazon Linux 2 : libXpm, --advisory ALAS2-2026-3291 (ALAS-2026-3291)

The version of libXpm installed on the remote host is prior to 3.5.12-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3291 advisory. As per upstream advisory: libXpm Out-of-bounds read in xpmNextWord CVE-2026-4367 Tenable has extracted the preceding description...

libXpm vulnerable to out-of-bounds read

Overview libXpm provided by X.Org Foundation incorrectly handles malformed XPM files, leading to an out-of-bounds read vulnerability. Out-of-bounds read CWE-125 - CVE-2026-4367 Naoki Wakamatsu reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...

Astra Linux - уязвимость в libxpm

A vulnerability was discovered in libXpm, where a boundary condition allows a local user to trigger an out-of-bounds read error, thereby reading contents of memory on the system...

Astra Linux - уязвимость в libxpm

A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library...

Astra Linux - уязвимость в libxpm

A flaw was discovered in libXpm. When processing files with the .Z or .gz extensions, the library calls external programs to compress and uncompress files. This process relies on the PATH environment variable to locate these programs. This vulnerability could allow a malicious user to execute oth...

JLSEC-2026-285

A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH...

JLSEC-2026-283

A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library...

JLSEC-2026-287

A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system...

libXpm-devel-3.5.18-2.1 on GA media (moderate)

libXpm-devel-3.5.18-2.1 on GA media Announcement ID: openSUSE-SU-2026:10608-1 Rating: moderate Cross-References: CVE-2026-4367 CVSS scores: CVE-2026-4367 SUSE : 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2026-4367 SUSE : 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:...

PT-2026-34870

Name of the Vulnerable Software and Affected Versions libXpm versions prior to 3.5.18-2.1 Description An issue exists in the image parsing functionality of libXpm. Recommendations Update to version 3.5.18-2.1...

OPENSUSE-SU-2026:10608-1 libXpm-devel-3.5.18-2.1 on GA media

These are all security issues fixed in the libXpm-devel-3.5.18-2.1 package on the GA media of openSUSE Tumbleweed...

[slackware-security] libXpm

New libXpm packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libXpm-3.5.19-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Out-of-bounds read in xpmNextWord. For more...

Linux Distros Unpatched Vulnerability : CVE-2026-4367

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - As per upstream advisory: libXpm Out-of-bounds read in xpmNextWord CVE-2026-4367 CVE-2026-4367 Note that Nessus relies on the presence of the package as reporte...

X.Org libXpm 安全漏洞

X.Org libXpm is a graphics processing library developed by the X.Org Foundation. X.Org libXpm has a security vulnerability that stems from the xpmNextWord function’s ability to read memory segments, which may lead to the extraction of sensitive information...

Slackware Linux 15.0 / current libXpm Vulnerability (SSA:2026-111-01)

The version of libXpm installed on the remote host is prior to 3.5.19. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-111-01 advisory. New libXpm packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding...

UBUNTU-CVE-2026-4367

libXpm Out-of-bounds read in xpmNextWord...

CVE-2026-4367

libXpm Out-of-bounds read in xpmNextWord...