A heap buffer overflow vulnerability has been identified in thesmooth2() in cmsgamma.c in lcms2-2.16 which allows a remote attacker to cause a denial of service. NOTE: the Supplier disputes this because "this is not exploitable as this function is never called on normal color management, is there only as a helper for low-level programming and investigation."
2025-04-01T21:15:44.023
2025-04-04T21:15:45.167
Awaiting Analysis
CVSSv3.1: 7.5 (HIGH)
-