Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

InternationalColorConsortium — Vulnerabilities & Security Advisories 104

Browse all 104 CVE security advisories affecting InternationalColorConsortium. AI-powered Chinese analysis, POCs, and references for each vulnerability.

The International Color Consortium develops open standards and software tools for color management, primarily facilitating accurate color reproduction across diverse devices and operating systems. Its ecosystem includes widely used libraries like Little CMS and ICC profiles, which are integral to graphic design, printing, and digital imaging workflows. Historically, vulnerabilities in these components have frequently involved buffer overflows and integer overflows, leading to remote code execution or denial-of-service conditions. While cross-site scripting and privilege escalation issues are less common in the core libraries, they occasionally appear in associated web-based management interfaces. The consortium maintains a proactive security posture by publishing detailed CVE records, currently totaling 104 entries, which reflect ongoing efforts to patch legacy code and secure data processing routines. These incidents underscore the critical need for rigorous input validation in color processing algorithms to prevent exploitation by malicious actors targeting high-value creative industries.

Top products by InternationalColorConsortium: iccDEV
CVE IDTitleCVSSSeverityPublished
CVE-2026-21693 iccDEV has Type Confusion in CIccSegmentedCurveXml::ToXml() at IccXML/IccLibXML/IccMpeXml.cpp — iccDEVCWE-20 8.8 High2026-01-07
CVE-2026-21692 iccDEV has Type Confusion in ToXmlCurve() at IccXML/IccLibXML/IccMpeXml.cpp — iccDEVCWE-20 8.8 High2026-01-07
CVE-2026-21691 iccDEV has Type Confusion in CIccTag:IsTypeCompressed() — iccDEVCWE-20 5.4 Medium2026-01-07
CVE-2026-21690 iccDEV has Type Confusion in CIccTagXmlTagData::ToXml() — iccDEVCWE-20 6.3 Medium2026-01-07
CVE-2026-21689 iccDEV has Type Confusion in CIccProfileXml::ParseBasic() at IccXML/IccLibXML/IccProfileXml.cpp — iccDEVCWE-20 6.5 Medium2026-01-07
CVE-2026-21688 iccDEV has Type Confusion in SIccCalcOp::ArgsPushed() at IccProfLib/IccMpeCalc.cpp — iccDEVCWE-20 8.8 High2026-01-07
CVE-2026-21687 iccDEV has Undefined Behavior in CIccTagCurve::CIccTagCurve() — iccDEVCWE-20 7.1 High2026-01-07
CVE-2026-21686 iccDEV has Undefined Behavior in CIccTagLutAtoB::Validate() — iccDEVCWE-20 7.1 High2026-01-07
CVE-2026-21685 iccDEV has Undefined Behavior in CIccTagLut16::Read() — iccDEVCWE-20 7.1 High2026-01-07
CVE-2026-21684 iccDEV has Undefined Behavior in CIccTagSpectralViewingConditions() — iccDEVCWE-20 7.1 High2026-01-07
CVE-2026-21683 iccDEV has Type Confusion in icStatusCMM::CIccEvalCompare::EvaluateProfile() — iccDEVCWE-20 8.8 High2026-01-07
CVE-2026-21682 iccDEV has heap-buffer-overflow in CIccXmlArrayType::ParseText() — iccDEVCWE-20 8.8 High2026-01-07
CVE-2026-21681 iccDEV has Undefined Behavior runtime error: nan is outside the range .. IccProfLib/IccTagBasic.cpp — iccDEVCWE-20 7.1 High2026-01-07
CVE-2026-21680 iccDEV has Null Pointer Dereference in CIccProfile::CheckTagTypes() — iccDEVCWE-476 6.5 Medium2026-01-07
CVE-2026-21679 iccDEV has heap-buffer-overflow vulnerability in CIccLocalizedUnicode::GetText() — iccDEVCWE-20 8.8 High2026-01-07
CVE-2026-21678 iccDEV has heap-buffer-overflow vulnerability on IccTagXml() — iccDEVCWE-20 7.8 High2026-01-07
CVE-2026-21506 iccDEV is Vulnerable to Null Pointer Dereference in CIccProfileXml::ParseBasic() Leading to Denial of Service — iccDEVCWE-20 5.5 Medium2026-01-07
CVE-2026-21505 iccDEV has Undefined Behavior (UB) - Invalid Enum Value — iccDEVCWE-20 5.5 Medium2026-01-07
CVE-2026-21503 iccDEV has Undefined Behavior - Null Pointer Passed to memcpy() in CIccTagSparseMatrixArray — iccDEVCWE-20 6.1 Medium2026-01-07
CVE-2026-21504 Heap Buffer Overflow in iccDEV ToneMap Parser — iccDEVCWE-122 6.6 Medium2026-01-07
CVE-2026-21501 Stack Overflow in iccDEV Calculator Parser — iccDEVCWE-20 5.5 Medium2026-01-07
CVE-2026-21502 NULL Pointer Dereference in iccDEV XML Tag Parser — iccDEVCWE-20 5.5 Medium2026-01-07
CVE-2026-21500 Stack Overflow in iccDEV XML Calculator Macro Expansion — iccDEVCWE-20 5.5 Medium2026-01-07
CVE-2026-21499 NULL Pointer Dereference in iccDEV XML Parser — iccDEVCWE-20 5.5 Medium2026-01-07
CVE-2026-21498 NULL Pointer Dereference in iccDEV XML Calculator Parser — iccDEVCWE-20 5.5 Medium2026-01-07
CVE-2026-21496 NULL Pointer Dereference in iccDEV Signature Parser — iccDEVCWE-20 5.5 Medium2026-01-07
CVE-2026-21497 NULL Pointer Dereference in iccDEV Unknown Tag Parser — iccDEVCWE-20 5.5 Medium2026-01-07
CVE-2026-21495 Division by Zero in iccDEV TIFF Image Reader — iccDEVCWE-20 5.5 Medium2026-01-07
CVE-2026-21492 iccDEV ToneMap Writer has NULL Pointer Member Call — iccDEVCWE-252 5.5 Medium2026-01-06
CVE-2026-21491 iccDEV has unicode buffer overflow in CIccTagTextDescription — iccDEVCWE-122 6.1 Medium2026-01-06

This page lists every published CVE security advisory associated with InternationalColorConsortium. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.