VYPR

iccDEV

by iccDEV

Source repositories

CVEs (80)

  • CVE-2026-25502Feb 3, 2026
    risk 0.00cvss epss 0.00

    iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, stack-based buffer overflow in icFixXml() function when processing malformed ICC profiles, allows potential…

  • CVE-2026-25503Feb 3, 2026
    risk 0.00cvss epss 0.00

    iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, type confusion allowed malformed ICC profiles to trigger undefined behavior when loading invalid…

  • CVE-2026-24856Jan 28, 2026
    risk 0.00cvss epss 0.00

    iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Versions prior to 2.3.1.2 have an undefined behavior issue when floating-point NaN values are converted to unsigned short integer types…

  • CVE-2026-24852Jan 28, 2026
    risk 0.00cvss epss 0.00

    iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, a heap buffer over-read when the strlen() function attempts to read a non-null-terminated buffer potentially…

  • CVE-2026-24412Jan 24, 2026
    risk 0.00cvss epss 0.01

    iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have aHeap Buffer Overflow vulnerability in the CIccTagXmlSegmentedCurve::ToXml() function. This occurs when user-controllable input is…

  • CVE-2026-24411Jan 24, 2026
    risk 0.00cvss epss 0.00

    iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior in CIccTagXmlSegmentedCurve::ToXml(). This occurs when user-controllable input is unsafely incorporated into ICC…

  • CVE-2026-24410Jan 24, 2026
    risk 0.00cvss epss 0.00

    iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior and Null Pointer Deference in CIccProfileXml::ParseBasic(). This occurs when user-controllable input is unsafely…

  • CVE-2026-24409Jan 24, 2026
    risk 0.00cvss epss 0.00

    iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior and Null Pointer Deference in CIccTagXmlFloatNum<>::ParseXml(). This occurs when user-controllable input is…

  • CVE-2026-24407Jan 24, 2026
    risk 0.00cvss epss 0.00

    iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have Undefined Behavior in icSigCalcOp(). This occurs when user-controllable input is unsafely incorporated into ICC profile data or…

  • CVE-2026-24406Jan 24, 2026
    risk 0.00cvss epss 0.01

    iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have a Heap Buffer Overflow vulnerability in CIccTagNamedColor2::SetSize(). This occurs when user-controllable input is unsafely…

  • CVE-2026-24405Jan 24, 2026
    risk 0.00cvss epss 0.01

    iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have a Heap Buffer Overflow vulnerability in CIccMpeCalculator::Read(). This occurs when user-controllable input is unsafely…

  • CVE-2026-24404Jan 24, 2026
    risk 0.00cvss epss 0.00

    iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. In versions 2.3.1.1 and below, CIccXmlArrayType() contains a Null Pointer Dereference and Undefined Behavior vulnerability. This occurs when user-controllable…

  • CVE-2026-24403Jan 24, 2026
    risk 0.00cvss epss 0.00

    iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. In versions 2.3.1.1 and below, an integer overflow vulnerability exists in icValidateStatus CIccProfile::CheckHeader() when user-controllable input is incorporated…

  • CVE-2026-22861Jan 13, 2026
    risk 0.00cvss epss 0.01

    iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Prior to 2.3.1.2, There is a heap-based buffer overflow in SIccCalcOp::Describe() at…

  • CVE-2026-22255Jan 8, 2026
    risk 0.00cvss epss 0.00

    iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow vulnerability in `CIccCLUT::Init()` at…

  • CVE-2026-22047Jan 7, 2026
    risk 0.00cvss epss 0.00

    iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow vulnerability in `SIccCalcOp::Describe()` at…

  • CVE-2026-22046Jan 7, 2026
    risk 0.00cvss epss 0.00

    iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a heap-buffer-overflow vulnerability in `CIccProfileXml::ParseBasic()` at…

  • CVE-2026-21693Jan 7, 2026
    risk 0.00cvss epss 0.00

    iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in `CIccSegmentedCurveXml::ToXml()` at…

  • CVE-2026-21692Jan 7, 2026
    risk 0.00cvss epss 0.00

    iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in `ToXmlCurve()` at…

  • CVE-2026-21691Jan 7, 2026
    risk 0.00cvss epss 0.00

    iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in `CIccTag:IsTypeCompressed()`. This…