iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is a defect in LUT dump/iteration logic affecting CIccCLUT::Iterate() and output produced by CIccMBB::Describe() (via CLUT dumping). This issue has been patched in version 2.3.1.6.
| Vendor | Product | Versions |
|---|---|---|
| internationalcolorconsortium | iccdev | < 2.3.1.6, 2.3.1.1, 2.3.1.2, 2.3.1.3, 2.3.1.4, 2.3.1.5 |
Updated affected versions to include 2.3.1.1 through 2.3.1.5, changed severity to HIGH, and noted that the vulnerability is actively exploited.
Initial creation
