How severe is CVE-2025-29069?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.3 out of 10.

What type of vulnerability is CVE-2025-29069?

This is classified as CWE-122, which is a common weakness in software security.

CVE-2025-29069

HIGH Year: 2025

CVSS v3 Score

7.3

High

Weakness Type

CWE-122

View all →

Vulnerability Description

A heap buffer overflow vulnerability has been identified in the lcms2-2.16. The vulnerability exists in the UnrollChunkyBytes function in cmspack.c, which is responsible for handling color space transformations. NOTE: this is disputed by the Supplier because the finding identified a bug in a third-party calling program, not in lcms.

CVE-2018-1124

HIGH

CVSS:7.3(High)

procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create...

CWE-1222018

CVE-2021-36056

HIGH

CVSS:7.3(High)

XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires ...

CWE-1222021