Search for packages
Package details: pkg:deb/debian/lcms2@2.2%2Bgit20110628-2.2%2Bdeb7u1
purl pkg:deb/debian/lcms2@2.2%2Bgit20110628-2.2%2Bdeb7u1
Next non-vulnerable version 2.9-3
Latest non-vulnerable version 2.9-3
Risk 4.5
Vulnerabilities affecting this package (5)
Vulnerability Summary Fixed by
VCID-7g8v-91fw-aaan
Aliases:
CVE-2016-10165
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
2.6-3+deb8u1
Affected by 2 other vulnerabilities.
2.8-4+deb9u1
Affected by 1 other vulnerability.
VCID-7k3t-xpks-aaap
Aliases:
CVE-2013-4160
Little CMS (lcms2) before 2.5, as used in OpenJDK 7 and possibly other products, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to (1) cmsStageAllocLabV2ToV4curves, (2) cmsPipelineDup, (3) cmsAllocProfileSequenceDescription, (4) CurvesAlloc, and (5) cmsnamed.
2.6-3
Affected by 2 other vulnerabilities.
VCID-gmqf-z9b3-aaam
Aliases:
CVE-2013-7455
Double free vulnerability in the DefaultICCintents function in cmscnvrt.c in liblcms2 in Little CMS 2.x before 2.6 allows remote attackers to execute arbitrary code via a malformed ICC profile that triggers an error in the default intent handler.
2.6-3
Affected by 2 other vulnerabilities.
VCID-tst4-dhas-aaap
Aliases:
CVE-2018-16435
Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.
2.8-4+deb9u1
Affected by 1 other vulnerability.
2.9-3
Affected by 0 other vulnerabilities.
VCID-u5gu-wg1b-aaap
Aliases:
CVE-2014-0459
Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect availability via unknown vectors related to 2D.
2.6-3
Affected by 2 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T18:21:21.678850+00:00 Debian Oval Importer Affected by VCID-7k3t-xpks-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T18:02:44.426917+00:00 Debian Oval Importer Affected by VCID-7g8v-91fw-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T16:47:52.176883+00:00 Debian Oval Importer Affected by VCID-7k3t-xpks-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T12:03:26.328986+00:00 Debian Oval Importer Affected by VCID-gmqf-z9b3-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T11:47:31.882895+00:00 Debian Oval Importer Affected by VCID-tst4-dhas-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T11:29:57.204001+00:00 Debian Oval Importer Affected by VCID-u5gu-wg1b-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T10:17:58.621117+00:00 Debian Oval Importer Affected by VCID-tst4-dhas-aaap https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 36.1.3
2025-06-21T09:41:51.331661+00:00 Debian Oval Importer Affected by VCID-7g8v-91fw-aaan https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.1.3
2025-06-21T00:14:18.718879+00:00 Debian Oval Importer Affected by VCID-gmqf-z9b3-aaam None 36.1.3
2025-06-20T21:09:23.761905+00:00 Debian Oval Importer Affected by VCID-7k3t-xpks-aaap None 36.1.3
2025-06-20T20:58:56.040666+00:00 Debian Oval Importer Affected by VCID-u5gu-wg1b-aaap None 36.1.3
2025-06-20T19:59:14.203971+00:00 Debian Oval Importer Affected by VCID-tst4-dhas-aaap None 36.1.3
2025-06-20T19:38:32.188553+00:00 Debian Oval Importer Affected by VCID-7g8v-91fw-aaan None 36.1.3
2025-06-08T12:22:45.902023+00:00 Debian Oval Importer Affected by VCID-u5gu-wg1b-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:55:37.452809+00:00 Debian Oval Importer Affected by VCID-tst4-dhas-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T10:52:12.047897+00:00 Debian Oval Importer Affected by VCID-7k3t-xpks-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T10:34:25.583027+00:00 Debian Oval Importer Affected by VCID-7g8v-91fw-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:33:07.994522+00:00 Debian Oval Importer Affected by VCID-7k3t-xpks-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:11:55.269459+00:00 Debian Oval Importer Affected by VCID-gmqf-z9b3-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T05:02:12.998099+00:00 Debian Oval Importer Affected by VCID-tst4-dhas-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T04:50:30.804215+00:00 Debian Oval Importer Affected by VCID-u5gu-wg1b-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T04:05:40.195515+00:00 Debian Oval Importer Affected by VCID-tst4-dhas-aaap https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 36.1.0
2025-06-08T03:30:36.554694+00:00 Debian Oval Importer Affected by VCID-7g8v-91fw-aaan https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.1.0
2025-06-07T17:37:11.071921+00:00 Debian Oval Importer Affected by VCID-gmqf-z9b3-aaam None 36.1.0
2025-06-07T14:34:31.769827+00:00 Debian Oval Importer Affected by VCID-7k3t-xpks-aaap None 36.1.0
2025-06-07T14:26:26.574516+00:00 Debian Oval Importer Affected by VCID-u5gu-wg1b-aaap None 36.1.0
2025-06-07T13:48:54.987682+00:00 Debian Oval Importer Affected by VCID-tst4-dhas-aaap None 36.1.0
2025-06-07T13:32:46.834578+00:00 Debian Oval Importer Affected by VCID-7g8v-91fw-aaan None 36.1.0
2025-04-12T20:39:26.411020+00:00 Debian Oval Importer Affected by VCID-gmqf-z9b3-aaam https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:57:34.228555+00:00 Debian Oval Importer Affected by VCID-7g8v-91fw-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:08:47.894664+00:00 Debian Oval Importer Affected by VCID-u5gu-wg1b-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:40:46.637316+00:00 Debian Oval Importer Affected by VCID-tst4-dhas-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:34:36.154474+00:00 Debian Oval Importer Affected by VCID-7k3t-xpks-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:15:49.237212+00:00 Debian Oval Importer Affected by VCID-7g8v-91fw-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T08:05:29.453965+00:00 Debian Oval Importer Affected by VCID-7k3t-xpks-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T03:42:52.084326+00:00 Debian Oval Importer Affected by VCID-gmqf-z9b3-aaam https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T03:33:07.294772+00:00 Debian Oval Importer Affected by VCID-tst4-dhas-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T03:21:39.628373+00:00 Debian Oval Importer Affected by VCID-u5gu-wg1b-aaap https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T02:34:06.420255+00:00 Debian Oval Importer Affected by VCID-tst4-dhas-aaap https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2 36.0.0
2025-04-08T01:58:05.716932+00:00 Debian Oval Importer Affected by VCID-7g8v-91fw-aaan https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 36.0.0
2025-04-07T16:11:54.939257+00:00 Debian Oval Importer Affected by VCID-gmqf-z9b3-aaam None 36.0.0
2025-04-07T13:06:36.459694+00:00 Debian Oval Importer Affected by VCID-7k3t-xpks-aaap None 36.0.0
2025-04-07T12:58:46.840528+00:00 Debian Oval Importer Affected by VCID-u5gu-wg1b-aaap None 36.0.0
2025-04-07T12:23:55.867943+00:00 Debian Oval Importer Affected by VCID-tst4-dhas-aaap None 36.0.0
2025-04-07T12:08:12.525900+00:00 Debian Oval Importer Affected by VCID-7g8v-91fw-aaan None 36.0.0
2024-10-15T14:58:30.807483+00:00 Debian Oval Importer Affected by VCID-7k3t-xpks-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.2
2024-10-05T11:07:14.779780+00:00 Debian Oval Importer Affected by VCID-7k3t-xpks-aaap https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 34.0.1