CVE-2024-38427

2024-06-1602:15:08

[email protected]

web.nvd.nist.gov

international color consortium

demoiccmax

logic flaw

cicctagxmlprofilesequenceid

parsexml

iccxml

icclibxml

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

In International Color Consortium DemoIccMAX before 85ce74e, a logic flaw in CIccTagXmlProfileSequenceId::ParseXml in IccXML/IccLibXML/IccTagXml.cpp results in unconditionally returning false.

References

github.com/InternationalColorConsortium/DemoIccMAX/pull/66

github.com/InternationalColorConsortium/DemoIccMAX/pull/66/commits/85ce74ef19fb0751c7e188b06daed22fe74c332c