CVE-2022-44617 - A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some par

CVE-2022-44617

Summary

A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library.

References

Vulnerable Configurations

cpe:2.3:a:x.org:libxpm:-:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:-:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:3.5.5:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:3.5.5:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:3.5.6:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:3.5.6:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:3.5.7:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:3.5.7:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:3.5.8:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:3.5.8:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:3.5.9:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:3.5.9:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:3.5.10:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:3.5.10:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:3.5.11:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:3.5.11:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:3.5.12:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:3.5.12:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:3.5.13:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:3.5.13:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:3.5.14:*:*:*:*:*:*:*
cpe:2.3:a:x.org:libxpm:3.5.14:*:*:*:*:*:*:*

CVSS

Base:	None
Impact:
Exploitability:

CWE

CWE-835

CAPEC

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

17-10-2023 - 15:55

Published

06-02-2023 - 23:15

Last modified

17-10-2023 - 15:55