{"id":"CVE-2022-46285","details":"A flaw was found in libXpm. This issue occurs when parsing a file with a comment not closed; the end-of-file condition will not be detected, leading to an infinite loop and resulting in a Denial of Service in the application linked to the library.","modified":"2026-05-08T04:26:50.508451Z","published":"2023-02-07T00:00:00Z","related":["ALSA-2023:0379","ALSA-2023:0383","SUSE-SU-2023:0165-1","SUSE-SU-2023:0171-1","openSUSE-SU-2024:12617-1"],"database_specific":{"cna_assigner":"redhat","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/46xxx/CVE-2022-46285.json","cwe_ids":["CWE-835"]},"references":[{"type":"WEB","url":"https://lists.x.org/archives/xorg-announce/2023-January/003312.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/46xxx/CVE-2022-46285.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-46285"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2160092"},{"type":"FIX","url":"https://gitlab.freedesktop.org/xorg/lib/libxpm/-/commit/a3a7c6dcc3b629d7650148"},{"type":"FIX","url":"https://gitlab.freedesktop.org/xorg/lib/libxpm/-/merge_requests/9"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2023/10/03/1"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2023/10/03/10"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2023/06/msg00021.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.freedesktop.org/xorg/lib/libxpm","events":[{"introduced":"0"},{"fixed":"a3a7c6dcc3b629d7650148"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-46285.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}