How severe is CVE-2026-21493?

CVE-2026-21493 has a CVSS v3 score of 6.6 (MEDIUM).

CVE-2026-21493

Name: iccdev
Author: color

6.6MEDIUM

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Type Confusion in its CIccSingleSampledeCurveXml class during

Veröffentlicht: 1/6/2026Aktualisiert: 1/14/2026

Beschreibung

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are vulnerable to Type Confusion in its CIccSingleSampledeCurveXml class during XML Curve Serialization. This issue is fixed in version 2.3.1.2.

KI-AnalyseKI-gestützt

Betroffene Produkte

coloriccdev

Referenzen

https://github.com/InternationalColorConsortium/iccDEV/commit/7ff76d1471077172f9659de8d9536443eac7c48f
Patch
https://github.com/InternationalColorConsortium/iccDEV/issues/358
ExploitIssue TrackingVendor Advisory
https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-p85g-f9q7-jmjx
PatchVendor Advisory