exploitDog

CVE-2026-21485

Опубликовано: 06 янв. 2026

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are prone to have Undefined Behavior (UB) and Out of Memory errors. This issue is fixed in version 2.3.1.2.

Ссылки

https://github.com/InternationalColorConsortium/iccDEV/commit/c136aac51d25cbb4d9db63f071edad4f088843df
Patch
https://github.com/InternationalColorConsortium/iccDEV/issues/340
Exploit
Issue Tracking
Vendor Advisory
https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-chp2-4gv5-2432
Vendor Advisory
https://github.com/InternationalColorConsortium/iccDEV/issues/340
Exploit
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:color:iccdev:*:*:*:*:*:*:*:*

Версия до 2.3.1.2 (исключая)

EPSS

Процентиль: 29%

0.00104

Низкий

8.8 High

CVSS3

Дефекты

CWE-20

EPSS

Процентиль: 29%

0.00104

Низкий

8.8 High

CVSS3

Дефекты

CWE-20