4 matches found
CVE-2026-31796
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-based buffer overflow in icCurvesFromXml causing heap memory corruption or crash. This vulnerability is fixed in 2.3.1.5...
CVE-2026-24412
CVE-2026-24412 affects iccDEV libraries for ICC color profiles. Versions 2.3.1.1 and earlier contain a heap buffer overflow in the internal function CIccTagXmlSegmentedCurve::ToXml() when user-controlled input is unsafely embedded in ICC profile data or other binary blobs. This can lead to DoS, d...
CVE-2026-24412 iccDEV has Heap Buffer Overflow in icCurvesFromXml()
iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have aHeap Buffer Overflow vulnerability in the CIccTagXmlSegmentedCurve::ToXml function. This occurs when user-controllable input is unsafely incorporate...
CVE-2026-24412 iccDEV has Heap Buffer Overflow in icCurvesFromXml()
iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have aHeap Buffer Overflow vulnerability in the CIccTagXmlSegmentedCurve::ToXml function. This occurs when user-controllable input is unsafely incorporate...