Color

Iccdev

104 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2026-34546

Exploit
  • EPSS 0.02%
  • Veröffentlicht 31.03.2026 22:06:56
  • Zuletzt bearbeitet 20.04.2026 14:32:34

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted TIFF input can trigger Undefined Behavior (UB) due to division by zero in the TIFF handling code paths used by iccTiffDum...

5.5

CVE-2026-34542

Exploit
  • EPSS 0.02%
  • Veröffentlicht 31.03.2026 22:05:17
  • Zuletzt bearbeitet 20.04.2026 14:31:14

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack-buffer-overflow (SBO) in CIccCalculatorFunc::Apply() when processed via iccApplyNamedCmm....

5.5

CVE-2026-34541

Exploit
  • EPSS 0.02%
  • Veröffentlicht 31.03.2026 22:04:16
  • Zuletzt bearbeitet 20.04.2026 13:54:00

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior (UB) via a null-pointer member call in CIccCombinedConnectionConditions::CIccC...

5.5

CVE-2026-34540

Exploit
  • EPSS 0.02%
  • Veröffentlicht 31.03.2026 22:03:24
  • Zuletzt bearbeitet 20.04.2026 13:53:34

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow (HBO) in icMemDump() when iccDumpProfile attempts to dump/describe malform...

5.5

CVE-2026-34539

Exploit
  • EPSS 0.02%
  • Veröffentlicht 31.03.2026 22:01:38
  • Zuletzt bearbeitet 20.04.2026 13:52:57

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile and TIFF input can trigger a heap-buffer-overflow (HBO) in CTiffImg::WriteLine(). The issue is observable und...

5.5

CVE-2026-34537

Exploit
  • EPSS 0.02%
  • Veröffentlicht 31.03.2026 22:00:16
  • Zuletzt bearbeitet 20.04.2026 13:51:55

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior (UB) in CIccOpDefEnvVar::Exec() due to invalid enum values being loaded for ic...

5.5

CVE-2026-34536

Exploit
  • EPSS 0.02%
  • Veröffentlicht 31.03.2026 21:59:14
  • Zuletzt bearbeitet 20.04.2026 13:51:11

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack overflow (SO) in SIccCalcOp::ArgsUsed(). The issue is observable under AddressSanitizer a...

5.5

CVE-2026-34535

Exploit
  • EPSS 0.02%
  • Veröffentlicht 31.03.2026 21:58:17
  • Zuletzt bearbeitet 20.04.2026 13:50:16

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a segmentation fault (SEGV) in CIccTagArray::Cleanup(). The issue is observable under UBSan/ASan ...

5.5

CVE-2026-34534

  • EPSS 0.01%
  • Veröffentlicht 31.03.2026 21:57:17
  • Zuletzt bearbeitet 20.04.2026 13:41:01

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow (HBO) in CIccMpeSpectralMatrix::Describe(). The issue is observable under ...

5.5

CVE-2026-34533

Exploit
  • EPSS 0.02%
  • Veröffentlicht 31.03.2026 21:56:28
  • Zuletzt bearbeitet 20.04.2026 13:48:48

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior (UB) in CIccCalculatorFunc::ApplySequence() due to invalid enum values being l...