Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:10 p.m.12 views

CVE-2026-8813

This affects versions of the package exifreader before 4.39.0. A crafted image containing an ICC mluc tag can set an attacker-controlled record count together with a zero record size. During parsing, ExifReader repeatedly processes the same record and appends entries to an array without sufficien...

8.7CVSS5.4AI score0.00528EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/19 5:0 a.m.54 views

CVE-2026-8813

This affects versions of the package exifreader before 4.39.0. A crafted image containing an ICC mluc tag can set an attacker-controlled record count together with a zero record size. During parsing, ExifReader repeatedly processes the same record and appends entries to an array without sufficien...

8.7CVSS0.00528EPSS
Exploits0References3
OSV
OSV
added 2026/01/07 9:53 p.m.6 views

CVE-2026-21691 iccDEV has Type Confusion in CIccTag:IsTypeCompressed()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in CIccTag:IsTypeCompressed. This vulnerability affects users o...

5.4CVSS6.7AI score0.00243EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/01/07 5:11 p.m.38 views

CVE-2026-21678 iccDEV has heap-buffer-overflow vulnerability on IccTagXml()

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to heap-buffer-overflow vulnerability in IccTagXml. This issue has been patched in version 2.3.1.2...

7.8CVSS0.00166EPSS
Exploits1References4
Rows per page
Query Builder