EUVD-2026-17695

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow HBO in CIccMpeSpectralMatrix::Describe. The issue is observable under AddressSanitizer as an out-of-bounds heap read when...

PT-2026-29383

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a heap-buffer-overflow HBO in CIccMpeSpectralMatrix::Describe. The issue is observable under AddressSanitizer as an out-of-bounds heap read when...

CVE-2026-22861

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Prior to 2.3.1.2, There is a heap-based buffer overflow in SIccCalcOp::Describe at IccProfLib/IccMpeCalc.cpp. This...

EUVD-2026-2412

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Prior to 2.3.1.2, There is a heap-based buffer overflow in SIccCalcOp::Describe at IccProfLib/IccMpeCalc.cpp. This...

CVE-2026-22861

CVE-2026-22861 affects iccDEV prior to version 2.3.1.2, where a heap-based buffer overflow occurs in SIccCalcOp::Describe() (IccProfLib/IccMpeCalc.cpp) when processing ICC color profiles. The vulnerability is fixed in iccDEV 2.3.1.2. Affected users should upgrade to 2.3.1.2 or later to remediate ...

iccDEV 安全漏洞

iccDEV is an open source color configuration codebase from the International Color Consortium. A security vulnerability exists in versions prior to iccDEV 2.3.1.2, which stems from a heap-based buffer overflow in the SIccCalcOp::Describe function...

CVE-2026-22047

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow vulnerability in SIccCalcOp::Describe at IccProfLib/IccMpeCalc.cpp. Thi...

CVE-2026-22047

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow vulnerability in SIccCalcOp::Describe at IccProfLib/IccMpeCalc.cpp. Thi...

CVE-2026-22047 iccDEV has heap-buffer-overflow in SIccCalcOp::Describe() at IccProfLib/IccMpeCalc.cpp

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow vulnerability in SIccCalcOp::Describe at IccProfLib/IccMpeCalc.cpp. Thi...

CVE-2026-22047

iccDEV contains a heap-buffer-overflow vulnerability in SIccCalcOp::Describe() located in IccProfLib/IccMpeCalc.cpp for versions prior to 2.3.1.2. The issue affects users processing ICC color profiles. A patch is available in version 2.3.1.2. No public workarounds are documented in the provided s...

CVE-2026-22047 iccDEV has heap-buffer-overflow in SIccCalcOp::Describe() at IccProfLib/IccMpeCalc.cpp

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow vulnerability in SIccCalcOp::Describe at IccProfLib/IccMpeCalc.cpp. Thi...

PT-2026-2146

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools for interacting with International Color Consortium ICC color management profiles. A heap-buffer-overflow vulnerability exists in the SIccCalcOp::Describe...

iccDEV 安全漏洞

iccDEV is an open source color configuration code library from the International Color Consortium. A security vulnerability exists in iccDEV versions prior to 2.3.1.2 that stems from a heap buffer overflow in the SIccCalcOp::Describe function, which may result in memory corruption...

DEBIAN-CVE-2021-44538

The olmsessiondescribe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted...

Matrix libolm 缓冲区错误漏洞

Matrix libolm is a cryptographic library. A security vulnerability in the olmsessiondescribe function in Matrix libolm before 3.2.7 allows an attacker to construct a carefully crafted sequence of messages to manipulate the state of the recipient's session, and for certain buffer sizes, a buffer...