Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/74802?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74802?format=api", "vulnerability_id": "VCID-3vgt-zmas-z3hj", "summary": "iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior (UB) issue in IccTagLut.cpp where the code performs member access through a null pointer of type CIccApplyCLUT. This issue has been patched in version 2.3.1.6.", "aliases": [ { "alias": "CVE-2026-34552" } ], "fixed_packages": [], "affected_packages": [], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34552", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05422", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34552" }, { "reference_url": "https://github.com/InternationalColorConsortium/iccDEV/issues/701", "reference_id": "701", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-01T19:01:18Z/" } ], "url": "https://github.com/InternationalColorConsortium/iccDEV/issues/701" }, { "reference_url": "https://github.com/InternationalColorConsortium/iccDEV/pull/730", "reference_id": "730", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-01T19:01:18Z/" } ], "url": "https://github.com/InternationalColorConsortium/iccDEV/pull/730" }, { "reference_url": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-wgh5-wvv2-r8pq", "reference_id": "GHSA-wgh5-wvv2-r8pq", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-01T19:01:18Z/" } ], "url": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-wgh5-wvv2-r8pq" } ], "weaknesses": [ { "cwe_id": 476, "name": "NULL Pointer Dereference", "description": "A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit." } ], "exploits": [], "severity_range_score": "6.2 - 6.2", "exploitability": null, "weighted_severity": null, "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3vgt-zmas-z3hj" }