CVE-2026-21504 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.…
Medium CVSS: 6.6

CVE-2026-21504

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, iccDEV is vulnerable to heap buffer overflow in the ToneMap parser. This issue has been patched in version 2.3.1.2.
Vendor
Color
Product
Iccdev
CWE
CWE-122
Yayın Tarihi
2026-01-07 18:15:54
Güncelleme
2026-01-09 21:34:19
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-122 Iccdev MEDIUM Color 2026

Referanslar

https://github.com/InternationalColorConsortium/iccDEV/blob/798be59011649a26a529600cc3cd56437634d3d0/IccProfLib/IccMpeBasic.cpp#L4557 https://github.com/InternationalColorConsortium/iccDEV/commit/14fe3785e6b1f9992375b2a24617a0d7f6a70f95 https://github.com/InternationalColorConsortium/iccDEV/commit/23a38f83f2a5874a1c4427df59ec342af3277cad https://github.com/InternationalColorConsortium/iccDEV/issues/366 https://github.com/InternationalColorConsortium/iccDEV/pull/415 https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-rqp9-r53c-3m9h