CVE-2026-34536 in InternationalColorConsortium iccDEVinfo

Zusammenfassung (Englisch)

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a stack overflow (SO) in SIccCalcOp::ArgsUsed(). The issue is observable under AddressSanitizer as a stack-overflow when iccApplyProfiles processes a malicious profile, with the crash occurring while computing argument usage during calculator underflow/overflow checks. This issue has been patched in version 2.3.1.6.

Zuständig

GitHub_M

Reservieren

30.03.2026

Veröffentlichung

01.04.2026

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
354559	InternationalColorConsortium iccDEV ICC Color Profile ArgsUsed Denial of Service	674	Nicht definiert	Offizieller Fix	CVE-2026-34536

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

◂ ZurückÜbersichtWeiter ▸

Want to know what is going to be exploited?

We predict KEV entries!