CVE-2026-34533 (GCVE-0-2026-34533)
Vulnerability from cvelistv5 – Published: 2026-03-31 21:56 – Updated: 2026-04-03 16:38
VLAI?
Title
iccDEV: UB in CIccCalculatorFunc::ApplySequence()
Summary
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior (UB) in CIccCalculatorFunc::ApplySequence() due to invalid enum values being loaded for icChannelFuncSignature. The issue is observable under UBSan as a “load of value … not a valid value for type icChannelFuncSignature”, indicating a type/enum value confusion scenario during ICC profile processing. This issue has been patched in version 2.3.1.6.
Severity ?
6.2 (Medium)
CWE
- CWE-758 - Reliance on Undefined, Unspecified, or Implementation-Defined Behavior
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| InternationalColorConsortium | iccDEV |
Affected:
< 2.3.1.6
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-34533",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-03T16:38:42.639719Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-03T16:38:58.635Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "iccDEV",
"vendor": "InternationalColorConsortium",
"versions": [
{
"status": "affected",
"version": "\u003c 2.3.1.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior (UB) in CIccCalculatorFunc::ApplySequence() due to invalid enum values being loaded for icChannelFuncSignature. The issue is observable under UBSan as a \u201cload of value \u2026 not a valid value for type icChannelFuncSignature\u201d, indicating a type/enum value confusion scenario during ICC profile processing. This issue has been patched in version 2.3.1.6."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-758",
"description": "CWE-758: Reliance on Undefined, Unspecified, or Implementation-Defined Behavior",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T21:56:28.390Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-8jj3-77m7-c3pq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-8jj3-77m7-c3pq"
},
{
"name": "https://github.com/InternationalColorConsortium/iccDEV/issues/664",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/InternationalColorConsortium/iccDEV/issues/664"
},
{
"name": "https://github.com/InternationalColorConsortium/iccDEV/pull/681",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/InternationalColorConsortium/iccDEV/pull/681"
}
],
"source": {
"advisory": "GHSA-8jj3-77m7-c3pq",
"discovery": "UNKNOWN"
},
"title": "iccDEV: UB in CIccCalculatorFunc::ApplySequence()"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-34533",
"datePublished": "2026-03-31T21:56:28.390Z",
"dateReserved": "2026-03-30T16:03:31.048Z",
"dateUpdated": "2026-04-03T16:38:58.635Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-34533",
"date": "2026-04-14",
"epss": "0.00015",
"percentile": "0.03277"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-34533\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-03-31T22:16:20.637\",\"lastModified\":\"2026-04-01T14:23:37.727\",\"vulnStatus\":\"Undergoing Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior (UB) in CIccCalculatorFunc::ApplySequence() due to invalid enum values being loaded for icChannelFuncSignature. The issue is observable under UBSan as a \u201cload of value \u2026 not a valid value for type icChannelFuncSignature\u201d, indicating a type/enum value confusion scenario during ICC profile processing. This issue has been patched in version 2.3.1.6.\"},{\"lang\":\"es\",\"value\":\"iccDEV proporciona un conjunto de bibliotecas y herramientas para trabajar con perfiles de gesti\u00f3n de color ICC. Antes de la versi\u00f3n 2.3.1.6, un perfil ICC manipulado puede desencadenar Comportamiento Indefinido (UB) en CIccCalculatorFunc::ApplySequence() debido a la carga de valores de enumeraci\u00f3n (enum) no v\u00e1lidos para icChannelFuncSignature. El problema es observable bajo UBSan como una \u0027carga de valor... no es un valor v\u00e1lido para el tipo icChannelFuncSignature\u0027, lo que indica un escenario de confusi\u00f3n de valores de tipo/enumeraci\u00f3n (enum) durante el procesamiento de perfiles ICC. Este problema ha sido parcheado en la versi\u00f3n 2.3.1.6.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.2,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.5,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-758\"}]}],\"references\":[{\"url\":\"https://github.com/InternationalColorConsortium/iccDEV/issues/664\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/InternationalColorConsortium/iccDEV/pull/681\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-8jj3-77m7-c3pq\",\"source\":\"security-advisories@github.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-34533\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-03T16:38:42.639719Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-04-03T16:38:54.263Z\"}}], \"cna\": {\"title\": \"iccDEV: UB in CIccCalculatorFunc::ApplySequence()\", \"source\": {\"advisory\": \"GHSA-8jj3-77m7-c3pq\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.2, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"InternationalColorConsortium\", \"product\": \"iccDEV\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 2.3.1.6\"}]}], \"references\": [{\"url\": \"https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-8jj3-77m7-c3pq\", \"name\": \"https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-8jj3-77m7-c3pq\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/InternationalColorConsortium/iccDEV/issues/664\", \"name\": \"https://github.com/InternationalColorConsortium/iccDEV/issues/664\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/InternationalColorConsortium/iccDEV/pull/681\", \"name\": \"https://github.com/InternationalColorConsortium/iccDEV/pull/681\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, a crafted ICC profile can trigger Undefined Behavior (UB) in CIccCalculatorFunc::ApplySequence() due to invalid enum values being loaded for icChannelFuncSignature. The issue is observable under UBSan as a \\u201cload of value \\u2026 not a valid value for type icChannelFuncSignature\\u201d, indicating a type/enum value confusion scenario during ICC profile processing. This issue has been patched in version 2.3.1.6.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-758\", \"description\": \"CWE-758: Reliance on Undefined, Unspecified, or Implementation-Defined Behavior\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-03-31T21:56:28.390Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-34533\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-03T16:38:58.635Z\", \"dateReserved\": \"2026-03-30T16:03:31.048Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-03-31T21:56:28.390Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…