InternationalColorConsortium 厂商漏洞列表 / CVE 中文分析 104

InternationalColorConsortium 厂商相关 104 条 CVE 漏洞，含 AI 中文分析、POC、CVSS 评分与受影响产品。

International Color Consortium 致力于制定色彩管理标准，其核心项目 ICC Profile 编辑器广泛用于图像色彩处理。该组件历史上常暴露路径遍历、缓冲区溢出及拒绝服务等漏洞，部分缺陷可导致远程代码执行。近期统计显示已收录 104 条 CVE，主要源于对非标准输入验证不足。建议用户及时更新版本以修复已知缺陷，确保色彩处理流程的安全性，避免潜在的数据泄露或系统崩溃风险。

上位製品 InternationalColorConsortium: iccDEV

CVE ID	タイトル	CVSS	深刻度	公開日
CVE-2026-30984	iccDEV has a heap out-of-bounds read in CIccCalculatorFunc::ApplySequence() — iccDEVCWE-125	6.1	Medium	2026-03-10
CVE-2026-30983	iccDEV has a stack buffer overflow in icFixXml() — iccDEVCWE-120	7.8	High	2026-03-10
CVE-2026-30982	iccDEV has a heap out-of-bounds read in CIccPcsXform::pushXYZConvert() — iccDEVCWE-122	6.1	Medium	2026-03-10
CVE-2026-30981	iccDEV has a heap-buffer-overflow read in CIccXmlArrayType<> — iccDEVCWE-120	6.1	Medium	2026-03-10
CVE-2026-30979	iccDEV has a heap-based buffer overflow in CIccCalculatorFunc::InitSelectOp() — iccDEVCWE-120	7.8	High	2026-03-10
CVE-2026-30978	Heap-use-after-free in CIccCmm::AddXform() — iccDEVCWE-416	7.8	High	2026-03-10
CVE-2026-27692	iccDEV has HBO in CIccTagTextDescription::Release() — iccDEVCWE-125	7.1	High	2026-02-25
CVE-2026-27691	iccDEV has SIO in parse3DTable() at iccFromCube.cpp Line 218 — iccDEVCWE-190	6.2	Medium	2026-02-25
CVE-2026-25634	iccDEV memcpy-param-overlap in CIccTagMultiProcessElement::Apply() — iccDEVCWE-119	7.8	High	2026-02-06
CVE-2026-25585	iccDEV vulnerable to OOB in CIccXform3DLut::Apply() — iccDEVCWE-119	7.8	High	2026-02-04
CVE-2026-25584	iccDEV vulnerable to Stack-based Buffer Overflow in CIccTagFloatNum::GetValues() — iccDEVCWE-119	7.8	High	2026-02-04
CVE-2026-25583	iccDEV vulnerable to Heap Buffer Overflow in CIccFileIO::Read8() — iccDEVCWE-119	7.8	High	2026-02-04
CVE-2026-25582	iccDEV vulnerable to Heap Buffer Overflow in CIccIO::WriteUInt16Float() — iccDEVCWE-122	7.8	High	2026-02-04
CVE-2026-25502	iccDEV is vulnerable to stack-buffer-overflow in icFixXml() — iccDEVCWE-121	7.8	High	2026-02-03
CVE-2026-25503	iccDEV Has Type Confusion in CIccTagEmbeddedHeightImage::Validate() — iccDEVCWE-704	7.1	High	2026-02-03
CVE-2026-24856	iccDEV has UB runtime error in <icTagTypeSignature> — iccDEVCWE-20	7.8	High	2026-01-28
CVE-2026-24852	iccDEV has a heap-buffer-overflow in icXmlParseTextString() — iccDEVCWE-122	6.1	Medium	2026-01-28
CVE-2026-24412	iccDEV has Heap Buffer Overflow in icCurvesFromXml() — iccDEVCWE-20	8.8	High	2026-01-24
CVE-2026-24411	iccDEV has Undefined Behavior and Null Pointer Deference in CIccTagXmlSegmentedCurve::ToXml() — iccDEVCWE-20	7.1	High	2026-01-24
CVE-2026-24410	iccDEV has Undefined Behavior and Null Pointer Deference in CIccProfileXml::ParseBasic() — iccDEVCWE-20	7.1	High	2026-01-24
CVE-2026-24409	iccDEV has Undefined Behavior and Null Pointer Deference in CIccTagXmlFloatNum<>::ParseXml() — iccDEVCWE-20	7.1	High	2026-01-24
CVE-2026-24407	iccDEV has Undefined Behavior in icSigCalcOp() — iccDEVCWE-20	7.1	High	2026-01-24
CVE-2026-24406	iccDEV has Heap Buffer Overflow in CIccTagNamedColor2::SetSize() — iccDEVCWE-20	8.8	High	2026-01-24
CVE-2026-24405	iccDEV has Heap Buffer Overflow in CIccMpeCalculator::Read() — iccDEVCWE-20	8.8	High	2026-01-24
CVE-2026-24404	iccDEV has Null Pointer Deference and Undefined Behavior in CIccXmlArrayType() — iccDEVCWE-20	7.1	High	2026-01-24
CVE-2026-24403	iccDEV Undefined Behavior in CIccProfile::CheckHeader() Leads to Integer Overflow — iccDEVCWE-20	7.1	High	2026-01-24
CVE-2026-22861	iccDEV has a heap-buffer-overflow in SIccCalcOp::Describe() at IccProfLib/IccMpeCalc.cpp — iccDEVCWE-252	8.8	High	2026-01-13
CVE-2026-22255	iccDEV has heap-buffer-overflow in CIccCLUT::Init() at IccProfLib/IccTagLut.cpp — iccDEVCWE-20	8.8	High	2026-01-08
CVE-2026-22047	iccDEV has heap-buffer-overflow in SIccCalcOp::Describe() at IccProfLib/IccMpeCalc.cpp — iccDEVCWE-20	8.8	High	2026-01-07
CVE-2026-22046	iccDEV has heap-buffer-overflow in CIccProfileXml::ParseBasic() at IccXML/IccLibXML/IccProfileXml.cpp — iccDEVCWE-20	8.8	High	2026-01-07

本页汇总了 InternationalColorConsortium 厂商截至目前公开的全部 104 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接，并附带 AI 生成的中文分析以便快速判断风险。

目標達成 すべての支援者に感謝 — 100%達成しました！

InternationalColorConsortium 厂商漏洞列表 / CVE 中文分析 104

目標達成すべての支援者に感謝 — 100%達成しました！