iccDEV 安全漏洞

iccDEV is an open source color configuration codebase from the International Color Consortium. A security vulnerability exists in versions prior to iccDEV 2.3.1.2, which stems from a heap-based buffer overflow in the SIccCalcOp::Describe function...

CVE-2026-21499

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to NULL pointer dereference via the XML parser. This issue has been patched in version 2.3.1.2...

CVE-2026-21506 iccDEV is Vulnerable to Null Pointer Dereference in CIccProfileXml::ParseBasic() Leading to Denial of Service

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to Null pointer dereference in CIccProfileXml::ParseBasic, leading to denial of service. This issue has been...

PT-2026-2090

Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools for interacting with International Color Consortium ICC color management profiles. A Type Confusion issue exists in the CIccSegmentedCurveXml::ToXml function...

iccDEV 输入验证错误漏洞

iccDEV is an open source color configuration code base from the International Color Consortium. An input validation error vulnerability exists in versions of iccDEV prior to 2.3.1.2 that stems from the presence of an undefined behavior runtime error...

CVE-2026-21494

The vulnerability CVE-2026-21494 affects iccDEV prior to 2.3.1.2, where a heap buffer overflow occurs in CIccTagLut8::Validate() when processing ICC color profiles. A patch exists in version 2.3.1.2. No public workarounds are documented in the provided sources. Remediation is to upgrade to 2.3.1....