Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-acvt-dayv-bffc
Vulnerability ID VCID-acvt-dayv-bffc
Aliases CVE-2015-4504
Summary Security researcher Felix Gröbert of Google discovered an out of bounds read in the QCMS color management library while manipulating an image with specific attributes in its ICC V4 profile. This causes a crash and could lead to information disclosure.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
System Score Found at
epss 0.02099 https://api.first.org/data/v1/epss?cve=CVE-2015-4504
epss 0.02099 https://api.first.org/data/v1/epss?cve=CVE-2015-4504
epss 0.02099 https://api.first.org/data/v1/epss?cve=CVE-2015-4504
epss 0.02099 https://api.first.org/data/v1/epss?cve=CVE-2015-4504
epss 0.02099 https://api.first.org/data/v1/epss?cve=CVE-2015-4504
epss 0.02099 https://api.first.org/data/v1/epss?cve=CVE-2015-4504
epss 0.02099 https://api.first.org/data/v1/epss?cve=CVE-2015-4504
epss 0.02099 https://api.first.org/data/v1/epss?cve=CVE-2015-4504
epss 0.02099 https://api.first.org/data/v1/epss?cve=CVE-2015-4504
epss 0.02099 https://api.first.org/data/v1/epss?cve=CVE-2015-4504
generic_textual none https://www.mozilla.org/en-US/security/advisories/mfsa2015-98
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4504.json
https://api.first.org/data/v1/epss?cve=CVE-2015-4504
1265596 https://bugzilla.redhat.com/show_bug.cgi?id=1265596
CVE-2015-4504 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4504
mfsa2015-98 https://www.mozilla.org/en-US/security/advisories/mfsa2015-98
USN-2743-1 https://usn.ubuntu.com/2743-1/
No exploits are available.
Exploit Prediction Scoring System (EPSS)
Percentile 0.83986
EPSS Score 0.02099
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:18:30.227962+00:00 Mozilla Importer Import https://github.com/mozilla/foundation-security-advisories/blob/master/announce/2015/mfsa2015-98.md 38.0.0