5.5
CVE-2026-31794 - iccDEV has a SEGV in CIccCLUT::Interp3d()
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a segmentation fault from invalid/wild pointer read in CIccCLUT::Interp3d() causing a denial of service. This vulnerability is fixed in 2.3.1.5.
5.5
CVE-2026-31793 - iccDEV has a SEGV in CIccCalculatorFunc::ApplySequence()
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a segmentation fault due to invalid/wild pointer read in CIccCalculatorFunc::ApplySequence() causing denial of service. This vulnerability is fixed in 2.3.1.5.
7.8
CVE-2026-31792 - iccDEV has a null pointer dereference in CIccTagXmlStruct::ParseTag()
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a null pointer dereference in CIccTagXmlStruct::ParseTag() causing a segmentation fault or denial of service. This vulnerability is fixed in 2.3.1.5.
7.8
CVE-2026-30987 - iccDEV has a stack buffer overflow in CIccTagNum<(icTagTypeSignature)>::GetValues()
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a stack buffer overflow in CIccTagNum<>::GetValues() causing stack memory corruption or crash. This vulnerability is fixed in 2.3.1.5.
5.5
CVE-2026-30986 - iccDEV has a heap-based buffer overflow write in CIccCLUT::Interp3d()
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-based buffer overflow write in CIccMatrixMath::SetRange() causing memory corruption or crash. This vulnerability is fixed in 2.3.1.5.
7.8
CVE-2026-30985 - iccDEV has a heap-based buffer overflow write in CIccMatrixMath::SetRange()
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-based buffer overflow write in CIccMatrixMath::SetRange() causing memory corruption or crash. This vulnerability is fixed in 2.3.1.5.
6.1
CVE-2026-30984 - iccDEV has a heap out-of-bounds read in CIccCalculatorFunc::ApplySequence()
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap out-of-bounds read in CIccCalculatorFunc::ApplySequence() causing an application crash. This vulnerability is fixed in 2.3.1.5.
7.8
CVE-2026-30983 - iccDEV has a stack buffer overflow in icFixXml()
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a stack buffer overflow in icFixXml() (strcpy) causing stack memory corruption or crash. This vulnerability is fixed in 2.3.1.5.
6.1
CVE-2026-30982 - iccDEV has a heap out-of-bounds read in CIccPcsXform::pushXYZConvert()
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap out-of-bounds read in CIccPcsXform::pushXYZConvert() causing crash and potentially leaking memory contents. This vulnerability is fixed in 2.3.1.5.
6.1
CVE-2026-30981 - iccDEV has a heap-buffer-overflow read in CIccXmlArrayType<>
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap-buffer-overflow read in CIccXmlArrayType<>::DumpArray() causing out-of-bounds read and/or crash. This vulnerability is fixed in 2.3.1.5.