Fedora 36 : libXpm (2023-49dbeb6b03)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-49dbeb6b03 advisory. libXpm 3.5.15, fixes CVE-2022-46285, CVE-2022-44617, CVE-2022-4883 Tenable has extracted the preceding description block directly from the Fedora...

AlmaLinux 9 : libXpm (ALSA-2023:0383)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0383 advisory. - libXpm: compression commands depend on $PATH CVE-2022-4883 - libXpm: Runaway loop on width of 0 and enormous height CVE-2022-44617 - libXpm: Infinite lo...

Oracle Linux 9 : libXpm (ELSA-2023-0383)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0383 advisory. - Fix CVE-2022-46285: infinite loop on unclosed comments 2160230 - Fix CVE-2022-44617: runaway loop with width of 0 2160232 Tenable has extracted the...

RHEL 9 : libXpm (RHSA-2023:0381)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0381 advisory. X.Org X11 libXpm runtime library. Security Fixes: libXpm: compression commands depend on $PATH CVE-2022-4883 libXpm: Runaway loop on width o...

libXpm security update

3.5.12-9 - Fix CVE-2022-46285: infinite loop on unclosed comments 2161800 - Fix CVE-2022-44617: runaway loop with width of 0 2161808 - Fix CVE-2022-4883: compression depends on /usr/local/bin:/usr/bin 2160238...

Important: Red Hat Security Advisory: libXpm security update

An update for libXpm is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: libXpm security update

An update for libXpm is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Important: Red Hat Security Advisory: libXpm security update

An update for libXpm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Important: Red Hat Security Advisory: libXpm security update

An update for libXpm is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Important: Red Hat Security Advisory: libXpm security update

An update for libXpm is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security...

RLSA-2023:0383 Important: libXpm security update

X.Org X11 libXpm runtime library. Security Fixes: libXpm: compression commands depend on $PATH CVE-2022-4883 libXpm: Runaway loop on width of 0 and enormous height CVE-2022-44617 libXpm: Infinite loop on unclosed comments CVE-2022-46285 For more details about the security issues, including the...

libXpm security update

An update is available for libXpm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list X.Org X11 libXpm runtime library. Security Fixes: libXpm: compression commands...

libXpm security update

An update is available for libXpm. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list X.Org X11 libXpm runtime library. Security Fixes: libXpm: compression commands...

RLSA-2023:0379 Important: libXpm security update

X.Org X11 libXpm runtime library. Security Fixes: libXpm: compression commands depend on $PATH CVE-2022-4883 libXpm: Runaway loop on width of 0 and enormous height CVE-2022-44617 libXpm: Infinite loop on unclosed comments CVE-2022-46285 For more details about the security issues, including the...

ALSA-2023:0383 Important: libXpm security update

X.Org X11 libXpm runtime library. Security Fixes: libXpm: compression commands depend on $PATH CVE-2022-4883 libXpm: Runaway loop on width of 0 and enormous height CVE-2022-44617 libXpm: Infinite loop on unclosed comments CVE-2022-46285 For more details about the security issues, including the...

Important: libXpm security update

X.Org X11 libXpm runtime library. Security Fixes: libXpm: compression commands depend on $PATH CVE-2022-4883 libXpm: Runaway loop on width of 0 and enormous height CVE-2022-44617 libXpm: Infinite loop on unclosed comments CVE-2022-46285 For more details about the security issues, including the...

ALSA-2023:0379 Important: libXpm security update

X.Org X11 libXpm runtime library. Security Fixes: libXpm: compression commands depend on $PATH CVE-2022-4883 libXpm: Runaway loop on width of 0 and enormous height CVE-2022-44617 libXpm: Infinite loop on unclosed comments CVE-2022-46285 For more details about the security issues, including the...

libXpm -- Issues handling XPM files

The X.Org project reports: CVE-2022-46285: Infinite loop on unclosed comments When reading XPM images from a file with libXpm 3.5.14 or older, if a comment in the file is not closed i.e. a C-style comment starts with "/" and is missing the closing "/", the ParseComment function will loop forever...