6 matches found
CVE-2026-25503
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, type confusion allowed malformed ICC profiles to trigger undefined behavior when loading invalid icImageEncodingType values causin...
CVE-2026-21493
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Type Confusion in its CIccSingleSampledeCurveXml class during XML Curve Serialization. This issue is fixed in version 2.3.1.2...
iccDEV 安全漏洞
iccDEV is an open source color configuration codebase from the International Color Consortium. A security vulnerability exists in iccDEV prior to version 2.3.1.2, which stems from a heap buffer overflow in the CIccCLUT::Init function that could lead to memory corruption...
EUVD-2026-1388
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in CIccTagXmlTagData::ToXml. This vulnerability affects users o...
CVE-2026-21685 iccDEV has Undefined Behavior in CIccTagLut16::Read()
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have Undefined Behavior in CIccTagLut16::Read. This vulnerability affects users of the iccDEV libra...
PT-2026-2075
Name of the Vulnerable Software and Affected Versions iccDEV versions prior to 2.3.1.2 Description iccDEV is a set of libraries and tools for interacting with ICC color management profiles. A heap-buffer-overflow issue exists in the IccTagXml function in versions prior to 2.3.1.2. Recommendations...