CNNVD-202601-1130 Information
CNNVD ID
CNNVD-202601-1130
Related CVE
- CNNVD Published: 2026-01-07
Description (Chinese)
iccDEV是International Color Consortium开源的一个颜色配置代码库。 iccDEV 2.3.1.2之前版本存在代码问题漏洞,该漏洞源于IccXML/IccLibXML/IccProfileXml.cpp文件中的CIccProfileXml::ParseBasic函数存在类型混淆。
Description (English)
iccDEV is a colour configuration code library of the International Color Consortium open source. iccDEV 2.3.1.2 has a code problem loophole, which stems from the confusion of type in the CIccProfileXml: ParseBasic function in IccXML/IccLibXML/IccProfileXml.cpp.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
International Color Consortium
Published
2026-01-07
Last Modified
2026-02-24
References
https://github.com/InternationalColorConsortium/iccDEV/issues/382 https://github.com/InternationalColorConsortium/iccDEV/pull/423 https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-5rqc-w93q-589m
Patch
https://github.com/InternationalColorConsortium/iccDEV/releases
Share on: