lcms2 (Ubuntu:24.04:LTS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Ubuntu:24.04:LTS package lcms2, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2025-29070 — CVSS 7.5 (high): A heap buffer overflow vulnerability has been identified in thesmooth2() in cmsgamma.c in lcms2-2.16 which allows a remote attacker to…
CVE-2025-29069 — CVSS 7.3 (high): A heap buffer overflow vulnerability has been identified in the lcms2-2.16. The vulnerability exists in the UnrollChunkyBytes function in…