CVE-2020-12761: modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow ( ...

Severity: Critical

CVSS Score: 9.1

modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map.