VYPR

Libxpm

by Xorg

CVEs (5)

  • CVE-2016-10164CriFeb 1, 2017
    risk 0.64cvss 9.8epss 0.08

    Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated…

  • CVE-2004-0687Oct 20, 2004
    risk 0.01cvss epss 0.08

    Multiple stack-based buffer overflows in (1) xpmParseColors in parse.c, (2) ParseAndPutPixels in create.c, and (3) ParsePixels in parse.c for libXpm before 6.8.1 allow remote attackers to execute arbitrary code via a malformed XPM image file.

  • CVE-2023-43789Oct 12, 2023
    risk 0.00cvss epss 0.00

    A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system.

  • CVE-2022-46285Feb 7, 2023
    risk 0.00cvss epss 0.01

    A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library.

  • CVE-2022-44617Feb 6, 2023
    risk 0.00cvss epss 0.01

    A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library.