CNNVD-202601-1115 Information

Jan 06, 2026 cve

CNNVD ID

CNNVD-202601-1115

CVE-2026-21507

CNNVD Published: 2026-01-06

Description (Chinese)

iccDEV是International Color Consortium (ICC)开源的一个颜色配置代码库。 iccDEV 2.3.1及之前版本存在安全漏洞，该漏洞源于IccProfile.cpp的CalcProfileID函数存在无限循环，可能导致拒绝服务。

Description (English)

iccDEV is an open-source colour configuration code library for International Color Consortium (ICC). There is a security loophole in iccDEV 2.3.1 and earlier versions, which stems from the unlimited cycle of the CalcProfileID function in IccProfile.cpp, which may lead to the denial of services.

Hazard Level

Medium

Vulnerability Type

其他

Published

2026-01-06

Last Modified

2026-02-24

References

https://github.com/InternationalColorConsortium/iccDEV/commit/3f3ce789d0d2b608c194ed172fa38943519dc198 https://github.com/InternationalColorConsortium/iccDEV/issues/244 https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-hgp5-r8m9-8qpj

Patch

https://github.com/InternationalColorConsortium/iccDEV/releases

Share on: