CVE-2026-31797 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap out-of-bounds read in CTiffImg::R…
Medium CVSS: 6.1

CVE-2026-31797

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap out-of-bounds read in CTiffImg::ReadLine() when iccApplyProfiles processes a crafted TIFF image, causing memory disclosure or crash. This vulnerability is fixed in 2.3.1.5.
Vendor
Color
Product
Iccdev
CWE
CWE-125
Yayın Tarihi
2026-03-10 18:19:00
Güncelleme
2026-03-13 19:30:09
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-125 Iccdev MEDIUM Color 2026

Referanslar

https://github.com/InternationalColorConsortium/iccDEV/issues/656 https://github.com/InternationalColorConsortium/iccDEV/pull/659 https://github.com/InternationalColorConsortium/iccDEV/releases/tag/v2.3.1.5 https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-wh2p-cm3r-7hm3