Unrated severityNVD Advisory· Published Jan 6, 2026· Updated Jan 6, 2026
iccDEV Undefined Behavior (UB) and Out of Memory in CIccProfile::LoadTag()
CVE-2026-21485
Description
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below are prone to have Undefined Behavior (UB) and Out of Memory errors. This issue is fixed in version 2.3.1.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- InternationalColorConsortium/iccDEVv5Range: < 2.3.1.2
Patches
Vulnerability mechanics
References
3- github.com/InternationalColorConsortium/iccDEV/commit/c136aac51d25cbb4d9db63f071edad4f088843dfmitrex_refsource_MISC
- github.com/InternationalColorConsortium/iccDEV/issues/340mitrex_refsource_MISC
- github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-chp2-4gv5-2432mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.