Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

InternationalColorConsortium — Vulnerabilities & Security Advisories 104

Browse all 104 CVE security advisories affecting InternationalColorConsortium. AI-powered Chinese analysis, POCs, and references for each vulnerability.

The International Color Consortium develops open standards and software tools for color management, primarily facilitating accurate color reproduction across diverse devices and operating systems. Its ecosystem includes widely used libraries like Little CMS and ICC profiles, which are integral to graphic design, printing, and digital imaging workflows. Historically, vulnerabilities in these components have frequently involved buffer overflows and integer overflows, leading to remote code execution or denial-of-service conditions. While cross-site scripting and privilege escalation issues are less common in the core libraries, they occasionally appear in associated web-based management interfaces. The consortium maintains a proactive security posture by publishing detailed CVE records, currently totaling 104 entries, which reflect ongoing efforts to patch legacy code and secure data processing routines. These incidents underscore the critical need for rigorous input validation in color processing algorithms to prevent exploitation by malicious actors targeting high-value creative industries.

Top products by InternationalColorConsortium: iccDEV
CVE IDTitleCVSSSeverityPublished
CVE-2026-21490 iccDEV has heap buffer overflow in CIccTagLut16::Validate() — iccDEVCWE-122 6.1 Medium2026-01-06
CVE-2026-21494 iccDEV has heap buffer overflow in CIccTagLut8::Validate() — iccDEVCWE-122 6.1 Medium2026-01-06
CVE-2026-21493 iccDEV has Type Confusion during XML Curve Serialization — iccDEVCWE-188 6.6 Medium2026-01-06
CVE-2026-21489 iccDEV has Out-of-bounds Read and Integer Underflow (Wrap or Wraparound) — iccDEVCWE-125 6.1 Medium2026-01-06
CVE-2026-21488 iccDEV has Out-of-bounds Read, Heap-based Buffer Overflow and Improper Null Termination — iccDEVCWE-122 6.1 Medium2026-01-06
CVE-2026-21486 Use After Free and Heap-based Buffer Overflow and Integer Overflow or Wraparound and Out-of-bounds Write in iccDEV — iccDEVCWE-122 7.8 High2026-01-06
CVE-2026-21487 iccDEV has Out-of-bounds Read, Use of Out-of-range Pointer Offset and Improper Input Validation — iccDEVCWE-20 6.1 Medium2026-01-06
CVE-2026-21485 iccDEV Undefined Behavior (UB) and Out of Memory in CIccProfile::LoadTag() — iccDEVCWE-20 8.8 High2026-01-06
CVE-2026-21677 iccDEV has Undefined Behavior in CIccCLUT::Init() — iccDEVCWE-758 8.8 High2026-01-06
CVE-2026-21676 iccDEV has a Heap-based Buffer Overflow in its CIccMBB::Validate() function — iccDEVCWE-122 8.8 High2026-01-06
CVE-2026-21675 iccDEV has a Use After Free vulnerability in CIccCmm class via improper hint manager object deletion — iccDEVCWE-416 9.8 Critical2026-01-06
CVE-2026-21674 iccDEV has a Memory Leak in its CIccProfileXml::ParseTag() Error Path — iccDEVCWE-401 3.3 Low2026-01-06
CVE-2026-21673 iccDEV has Integer Overflow/Underflow in CIccXmlArrayType::ParseTextCountNum() — iccDEVCWE-190 7.8 High2026-01-06
CVE-2026-21507 iccDEV is Vulnerable to Denial of Service via Infinite Loop in CalcProfileID() — iccDEVCWE-835 7.5 High2026-01-06

This page lists every published CVE security advisory associated with InternationalColorConsortium. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.