CNNVD-202601-4269 Information
CNNVD ID
CNNVD-202601-4269
Related CVE
- CNNVD Published: 2026-01-24
Description (Chinese)
iccDEV是International Color Consortium开源的一个颜色配置代码库。 iccDEV 2.3.1.1及之前版本存在安全漏洞,该漏洞源于CIccXmlArrayType存在空指针取消引用和未定义行为,可能导致拒绝服务、数据操纵或代码执行。
Description (English)
iccDEV is a colour configuration code library of the International Color Consortium open source. iccDEV 2.3.1.1 and previous versions contain a security loophole that stems from the existence of an empty pointer to cancel references and undefined behaviour in ciccXmlArrayType, which may lead to denial of services, data manipulation or code enforcement.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
International Color Consortium
Published
2026-01-24
Last Modified
2026-02-24
References
https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-hqfg-45jp-hp9f https://github.com/InternationalColorConsortium/iccDEV/issues/488 https://github.com/InternationalColorConsortium/iccDEV/commit/cd637eb33f0c8055fa54d8776e00555d3d39ef0c https://access.redhat.com/security/cve/cve-2026-24404
Patch
https://github.com/InternationalColorConsortium/iccDEV/releases
Share on: