Description

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to 2.3.1.4, SrcPixel and DestPixel stack buffers overlap in CIccTagMultiProcessElement::Apply() int IccTagMPE.cpp. This vulnerability is fixed in 2.3.1.4.

INFO

Published Date :

2026-02-06T20:21:40.108Z

Last Modified :

2026-02-06T20:53:17.123Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-25634 vulnerability.

Vendors Products
Color
  • Iccdev
Internationalcolorconsortium
  • Iccdev
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-25634.

URL Resource
https://github.com/InternationalColorConsortium/iccDEV/commit/9206e0b8684e4cf4186d9ae768f16760bc1af9ff cve-icon cve-icon
https://github.com/InternationalColorConsortium/iccDEV/issues/577 cve-icon cve-icon
https://github.com/InternationalColorConsortium/iccDEV/pull/579 cve-icon cve-icon
https://github.com/InternationalColorConsortium/iccDEV/releases/tag/v2.3.1.4 cve-icon cve-icon
https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-35rg-jcmp-583h cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact