CVE-2026-22861 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color managem…
High CVSS: 8.8

CVE-2026-22861

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium (ICC) color management profiles. Prior to 2.3.1.2, There is a heap-based buffer overflow in SIccCalcOp::Describe() at IccProfLib/IccMpeCalc.cpp. This vulnerability affects users of the iccDEV library who process ICC color profiles. The vulnerability is fixed in 2.3.1.2.
Vendor
Color
Product
Iccdev
CWE
CWE-120
Yayın Tarihi
2026-01-13 21:15:54
Güncelleme
2026-01-16 18:46:06
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-120 Iccdev HIGH Color 2026

Referanslar

https://github.com/InternationalColorConsortium/iccDEV/commit/fa9a364c01fc2e59eb2291e1f9b1c1359b7d5329 https://github.com/InternationalColorConsortium/iccDEV/pull/475 https://github.com/InternationalColorConsortium/iccDEV/pull/476 https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-vr49-3vf8-7j5h