5 matches found
CVE-2026-30979
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-based buffer overflow in CIccCalculatorFunc::InitSelectOp triggered with local user interaction causing memory corruption/crash. This vulnerability is fixed in 2.3.1.5...
EUVD-2026-10720
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a stack overflow in CIccBasicStructFactory::CreateStruct causing uncontrolled recursion/stack exhaustion and crash. This vulnerability is fixed in 2.3.1.5...
CVE-2026-30980
iccDEV contains a stack overflow in CIccBasicStructFactory::CreateStruct() that can lead to uncontrolled recursion/stack exhaustion and crash. Affected versions are prior to 2.3.1.5; the issue is fixed in 2.3.1.5. Upgrade to 2.3.1.5 to remediate.
CVE-2026-30984
The CVE-2026-30984 entry pertains to iccDEV libraries: a heap out-of-bounds read in CIccCalculatorFunc::ApplySequence() prior to version 2.3.1.5, leading to application crashes. Impact is limited to confidentiality/ integrity: Low confidentiality impact, no integrity impact, but High availability...
iccDEV 缓冲区错误漏洞
iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.5 contained a buffer error vulnerability. This vulnerability stemmed from a stack buffer overflow during the CIccXform3DLut::Apply function execution, which...