About The Project CVE-2022-4883 outlines a Linux PATH hijacking vulnerability in the libxpm package. Libxpm is used in a variety of projects to parse “X Pixmap” images. The National Vulnerability Database rates this vulnerability at a CVSS score of 8.8 and Red Hat has given it a CVSS score of 8.1. Per, the Arch Linux package page, 39 packages currently list libxpm as a dependency. This blog post will walk through the vulnerability and exploitation of said vulnerability.
