CVE-2026-34536 iccDEV: SO in SIccCalcOp::ArgsUsed()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack overflow SO in SIccCalcOp::ArgsUsed. The issue is observable under AddressSanitizer as a stack-overflow when iccApplyProfiles processes ...

CVE-2026-34536 iccDEV: SO in SIccCalcOp::ArgsUsed()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack overflow SO in SIccCalcOp::ArgsUsed. The issue is observable under AddressSanitizer as a stack-overflow when iccApplyProfiles processes ...

CVE-2026-34535 iccDEV: SEGV in CIccTagArray::Cleanup()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a segmentation fault SEGV in CIccTagArray::Cleanup. The issue is observable under UBSan/ASan as misaligned member access / misaligned pointer...

CVE-2026-34533 iccDEV: UB in CIccCalculatorFunc::ApplySequence()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior UB in CIccCalculatorFunc::ApplySequence due to invalid enum values being loaded for icChannelFuncSignature. The issue is...

iccDEV 数字错误漏洞

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.6 contained a numerical error vulnerability. This vulnerability occurred due to specially crafted TIFF inputs, which could lead to zero errors and trigger...

PT-2026-29391

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted TIFF input can trigger Undefined Behavior UB due to division by zero in the TIFF handling code paths used by iccTiffDump. This issue has been patched in version 2.3.1.6...

PT-2026-29393

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior UB condition in the XML conversion tooling path iccToXml caused by an implicit conversion from a negative signed integer to icUInt32Number unsigned...

iccDEV 代码问题漏洞

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.6 contained code-related vulnerabilities. These vulnerabilities stemmed from specially crafted ICC configuration files that could trigger calls to null...

iccDEV 安全漏洞

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.6 contained security vulnerabilities; these vulnerabilities were caused by specially crafted ICC configuration files that could lead to stack buffer overflo...

iccDEV 安全漏洞

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.6 contained security vulnerabilities. These vulnerabilities were caused by specially crafted input configurations that could trigger invalid left shift...

iccDEV 代码问题漏洞

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.6 contained code-related vulnerabilities; these vulnerabilities were caused by potential null pointer dereferencing when processing specially crafted ICC...

iccDEV 安全漏洞

iccDEV is an open-source color configuration code library developed by the International Color Consortium. Versions of iccDEV prior to 2.3.1.6 contained security vulnerabilities, which were caused by defects in the LUT dump/iteration logic...

CVE-2026-30981

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-buffer-overflow read in CIccXmlArrayType::DumpArray causing out-of-bounds read and/or crash. This vulnerability is fixed in 2.3.1.5...

CVE-2026-30984

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap out-of-bounds read in CIccCalculatorFunc::ApplySequence causing an application crash. This vulnerability is fixed in 2.3.1.5...

CVE-2026-31793

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a segmentation fault due to invalid/wild pointer read in CIccCalculatorFunc::ApplySequence causing denial of service. This vulnerability is fixed in 2.3.1.5...

CVE-2026-30978

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-use-after-free in CIccCmm::AddXform causing invalid vptr dereference and crash. This vulnerability is fixed in 2.3.1.5...

CVE-2026-31794

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a segmentation fault from invalid/wild pointer read in CIccCLUT::Interp3d causing a denial of service. This vulnerability is fixed in 2.3.1.5...

CVE-2026-31795

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a stack buffer overflow write in CIccXform3DLut::Apply corrupting stack memory or crash. This vulnerability is fixed in 2.3.1.5...

CVE-2026-30984

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap out-of-bounds read in CIccCalculatorFunc::ApplySequence causing an application crash. This vulnerability is fixed in 2.3.1.5...

CVE-2026-30985

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-based buffer overflow write in CIccMatrixMath::SetRange causing memory corruption or crash. This vulnerability is fixed in 2.3.1.5...