CNNVD-202601-4265 Information
CNNVD ID
CNNVD-202601-4265
Related CVE
- CNNVD Published: 2026-01-24
Description (Chinese)
iccDEV是International Color Consortium开源的一个颜色配置代码库。 iccDEV 2.3.1.1及之前版本存在安全漏洞,该漏洞源于icSigCalcOp存在未定义行为,可能导致拒绝服务、数据操纵或代码执行。
Description (English)
iccDEV is a colour configuration code library of the International Color Consortium open source. iccDEV 2.3.1.1 and previous versions have a security loophole, which stems from the undefined behaviour of icSigCalcop, which may lead to denial of services, data manipulation or code enforcement.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
International Color Consortium
Published
2026-01-24
Last Modified
2026-02-24
References
https://github.com/InternationalColorConsortium/iccDEV/issues/481 https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-m6gx-93cp-4855 https://github.com/InternationalColorConsortium/iccDEV/commit/881802931a71c4b0dfc28bc80ee55b2cb84dab90 https://access.redhat.com/security/cve/cve-2026-24407
Patch
https://github.com/InternationalColorConsortium/iccDEV/releases
Share on: