{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-34535", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-03-30T16:03:31.048Z", "datePublished": "2026-03-31T21:58:17.535Z", "dateUpdated": "2026-04-01T13:33:37.621Z"}, "containers": {"cna": {"title": "iccDEV: SEGV in CIccTagArray::Cleanup()", "problemTypes": [{"descriptions": [{"cweId": "CWE-122", "lang": "en", "description": "CWE-122: Heap-based Buffer Overflow", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-965q-9pp6-6vw5", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-965q-9pp6-6vw5"}, {"name": "https://github.com/InternationalColorConsortium/iccDEV/issues/666", "tags": ["x_refsource_MISC"], "url": "https://github.com/InternationalColorConsortium/iccDEV/issues/666"}, {"name": "https://github.com/InternationalColorConsortium/iccDEV/pull/683", "tags": ["x_refsource_MISC"], "url": "https://github.com/InternationalColorConsortium/iccDEV/pull/683"}], "affected": [{"vendor": "InternationalColorConsortium", "product": "iccDEV", "versions": [{"version": "< 2.3.1.6", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-31T21:58:17.535Z"}, "descriptions": [{"lang": "en", "value": "iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a segmentation fault (SEGV) in CIccTagArray::Cleanup(). The issue is observable under UBSan/ASan as misaligned member access / misaligned pointer loads followed by an invalid read leading to process crash when running iccRoundTrip on a malicious profile. This issue has been patched in version 2.3.1.6."}], "source": {"advisory": "GHSA-965q-9pp6-6vw5", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/InternationalColorConsortium/iccDEV/issues/666", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-01T13:33:32.223197Z", "id": "CVE-2026-34535", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T13:33:37.621Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-34535", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-01T13:33:32.223197Z"}}}], "references": [{"url": "https://github.com/InternationalColorConsortium/iccDEV/issues/666", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T13:33:25.551Z"}}], "cna": {"title": "iccDEV: SEGV in CIccTagArray::Cleanup()", "source": {"advisory": "GHSA-965q-9pp6-6vw5", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "InternationalColorConsortium", "product": "iccDEV", "versions": [{"status": "affected", "version": "< 2.3.1.6"}]}], "references": [{"url": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-965q-9pp6-6vw5", "name": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-965q-9pp6-6vw5", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/InternationalColorConsortium/iccDEV/issues/666", "name": "https://github.com/InternationalColorConsortium/iccDEV/issues/666", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/InternationalColorConsortium/iccDEV/pull/683", "name": "https://github.com/InternationalColorConsortium/iccDEV/pull/683", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a segmentation fault (SEGV) in CIccTagArray::Cleanup(). The issue is observable under UBSan/ASan as misaligned member access / misaligned pointer loads followed by an invalid read leading to process crash when running iccRoundTrip on a malicious profile. This issue has been patched in version 2.3.1.6."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-122", "description": "CWE-122: Heap-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-03-31T21:58:17.535Z"}}}, "cveMetadata": {"cveId": "CVE-2026-34535", "state": "PUBLISHED", "dateUpdated": "2026-04-01T13:33:37.621Z", "dateReserved": "2026-03-30T16:03:31.048Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-03-31T21:58:17.535Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:color:iccdev:*:*:*:*:*:*:*:*", "matchCriteriaId": "DE133F29-9592-4669-8B76-9F7C88EFE17D", "versionEndExcluding": "2.3.1.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger a segmentation fault (SEGV) in CIccTagArray::Cleanup(). The issue is observable under UBSan/ASan as misaligned member access / misaligned pointer loads followed by an invalid read leading to process crash when running iccRoundTrip on a malicious profile. This issue has been patched in version 2.3.1.6."}, {"lang": "es", "value": "iccDEV proporciona un conjunto de bibliotecas y herramientas para trabajar con perfiles de gesti\u00f3n de color ICC. Antes de la versi\u00f3n 2.3.1.6, un perfil ICC manipulado puede desencadenar un fallo de segmentaci\u00f3n (SEGV) en CIccTagArray::Cleanup(). El problema es observable bajo UBSan/ASan como acceso a miembro desalineado / cargas de puntero desalineadas, seguido de una lectura inv\u00e1lida que lleva a un fallo del proceso al ejecutar iccRoundTrip en un perfil malicioso. Este problema ha sido parcheado en la versi\u00f3n 2.3.1.6."}], "id": "CVE-2026-34535", "lastModified": "2026-04-20T13:50:16.590", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-03-31T22:16:20.960", "references": [{"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Exploit"], "url": "https://github.com/InternationalColorConsortium/iccDEV/issues/666"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/InternationalColorConsortium/iccDEV/pull/683"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-965q-9pp6-6vw5"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Issue Tracking", "Exploit"], "url": "https://github.com/InternationalColorConsortium/iccDEV/issues/666"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,2.3.1.6)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "iccDEV", "source": "cna", "vendor": "InternationalColorConsortium"}, "product": "iccdev", "vendor": "internationalcolorconsortium"}], "analysis": {"en": {"generated_at": "2026-04-01T06:56:44.587175+00:00", "value": {"mitigation_remediation": ["Upgrade iccDEV to version 2.3.1.6 or newer", "Restart any services that rely on iccDEV to ensure the patch takes effect"], "summary": {"action": "Immediate Patch", "impact": "Denial of Service via segmentation fault"}, "threat_synthesis": {"affected_systems": "The International Color Consortium\u2019s iccDEV library, versions prior to 2.3.1.6, is affected. Any system that processes third\u2011party ICC profiles\u2014such as photo editing, printing, or color\u2011management applications\u2014can experience crashes when encountering a malicious profile.", "description_and_impact": "A crafted ICC profile triggers a segmentation fault within iccDEV\u2019s CIccTagArray::Cleanup() routine, causing the process to crash when the iccRoundTrip tool parses the malicious profile. The flaw arises from misaligned member access and pointer loads that culminate in an invalid read. Because the vulnerability results in an application crash rather than code execution, its principal impact is denial of service, potentially disrupting any software that relies on iccDEV for color\u2011profile handling.", "risk_and_exploitability": "This vulnerability carries a CVSS score of 6.2, indicating moderate severity. Exploreability of the flaw is likely through any client that accepts ICC profiles, either from an external source or local user. The attacker can supply a malicious profile to a vulnerable application to force a crash. Since no exploit has been publicly disclosed and the flaw does not lead to code execution, the risk is limited to service interruption rather than a complete compromise."}}}}, "created": "2026-04-02T07:51:58.079499+00:00", "updated": "2026-04-02T20:10:18.116001+00:00", "vendors": ["internationalcolorconsortium", "internationalcolorconsortium$PRODUCT$iccdev"]}