CVE-2026-25583

Published
View on NVD ↗
CVSS v3
7.8
HIGH
CVSS v2
N/A
Affected
1
PROJECT

Description

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a heap buffer overflow vulnerability in CIccFileIO::Read8() when processing malformed ICC profile files via unchecked fread operation. This issue has been patched in version 2.3.1.3.

InternationalColorConsortium/iccDEV
InternationalColorConsortium/iccDEV
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles.
GitHubGitHub
163