iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below have an infinite loop in the IccProfile.cpp function, CalcProfileID. This issue is fixed in version 2.3.1.1.
References
| Link | Resource |
|---|---|
| https://github.com/InternationalColorConsortium/iccDEV/commit/3f3ce789d0d2b608c194ed172fa38943519dc198 | Patch |
| https://github.com/InternationalColorConsortium/iccDEV/issues/244 | Issue Tracking Exploit Vendor Advisory |
| https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-hgp5-r8m9-8qpj | Patch Vendor Advisory |
Configurations
History
12 Jan 2026, 21:04
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:color:iccdev:*:*:*:*:*:*:*:* | |
| First Time |
Color
Color iccdev |
|
| References | () https://github.com/InternationalColorConsortium/iccDEV/commit/3f3ce789d0d2b608c194ed172fa38943519dc198 - Patch | |
| References | () https://github.com/InternationalColorConsortium/iccDEV/issues/244 - Issue Tracking, Exploit, Vendor Advisory | |
| References | () https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-hgp5-r8m9-8qpj - Patch, Vendor Advisory |
06 Jan 2026, 01:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-01-06 01:16
Updated : 2026-01-12 21:04
NVD link : CVE-2026-21507
Mitre link : CVE-2026-21507
CVE.ORG link : CVE-2026-21507
JSON object : View
Products Affected
color
- iccdev
CWE
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
