CNNVD-202601-1069 Information
CNNVD ID
CNNVD-202601-1069
Related CVE
- CNNVD Published: 2026-01-06
Description (Chinese)
iccDEV是International Color Consortium (ICC)开源的一个颜色配置代码库。 iccDEV 2.3.1及之前版本存在安全漏洞,该漏洞源于CIccMBB::Validate函数存在堆缓冲区溢出,可能导致堆缓冲区溢出攻击。
Description (English)
iccDEV is an open-source colour configuration code library for International Color Consortium (ICC). There is a security loophole in iccDEV 2.3.1 and earlier versions, which stems from the spilling of a stack of buffer zones from the CIccMBB::Validate function, which could lead to spill-over attacks.
Hazard Level
Medium
Vulnerability Type
其他
Published
2026-01-06
Last Modified
2026-02-24
References
https://github.com/InternationalColorConsortium/iccDEV/commit/e4c38a67d06073b38d58580b0cfc78ca61005f84 https://github.com/InternationalColorConsortium/iccDEV/issues/215 https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-j5vv-p2hv-c392
Patch
https://github.com/InternationalColorConsortium/iccDEV/releases
Share on: