CVE-2024-38427

2024-06-1600:00:00

mitre

github.com

international color consortium

demoiccmax

logic flaw

cicctagxmlprofilesequenceid

parsexml

iccxml

icclibxml

6.8 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.1%

JSON

In International Color Consortium DemoIccMAX before 85ce74e, a logic flaw in CIccTagXmlProfileSequenceId::ParseXml in IccXML/IccLibXML/IccTagXml.cpp results in unconditionally returning false.

References

github.com/InternationalColorConsortium/DemoIccMAX/pull/66

github.com/InternationalColorConsortium/DemoIccMAX/pull/66/commits/85ce74ef19fb0751c7e188b06daed22fe74c332c