Security Vulnerability Report
中文
CVE-2026-21674 CVSS 3.3 LOW

CVE-2026-21674

Published: 2026-01-06 02:15:46
Last Modified: 2026-01-12 21:02:38
Source: [email protected]

Description

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below contain a memory leak vulnerability in its XML MPE Parsing Path (iccFromXml). This issue is fixed in version 2.3.1.1.

CVSS Details

CVSS Score
3.3
Severity
LOW
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Configurations (Affected Products)

cpe:2.3:a:color:iccdev:*:*:*:*:*:*:*:* - VULNERABLE
iccDEV <= 2.3.1

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
// CVE-2026-21674 PoC - Malicious XML ICC Profile triggering memory leak // This PoC demonstrates a crafted XML ICC profile that triggers memory leak // in iccDEV library's iccFromXml function during MPE parsing. #include <stdio.h> #include <stdlib.h> #include <string.h> // Simulated malicious XML MPE content const char* malicious_xml_mpe = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" "<ICCProfile version=\"4.3\">" " <MPE xmlns=\"http://www.color.org/ICC/MPE\">" " <CurveElement> " <Curve count=\"256\">" " <!— Repeated elements to trigger leak condition —>" " </Curve>" " </CurveElement>" " </MPE>" "</ICCProfile>"; // Simulate iccFromXml function with memory leak void trigger_iccFromXml_memory_leak(const char* xml_data) { void* leaked_memory = NULL; // Allocate memory for parsing (simulated) leaked_memory = malloc(1024); if (leaked_memory == NULL) { return; } // Parse XML MPE elements // In vulnerable version: memory not freed on error path printf("Parsing XML MPE data...\n"); // Simulate error condition where cleanup is skipped int parse_error = 1; // Simulated error if (parse_error) { // VULNERABILITY: Memory leak - leaked_memory not freed printf("Memory leak triggered: 1024 bytes not freed\n"); // Missing: free(leaked_memory); return; } free(leaked_memory); } int main() { printf("CVE-2026-21674 PoC - iccDEV Memory Leak\n"); printf("=====================================\n\n"); // Trigger the vulnerability trigger_iccFromXml_memory_leak(malicious_xml_mpe); printf("\nPoC demonstrates memory leak in XML MPE parsing.\n"); printf("Fixed in version 2.3.1.1\n"); return 0; }

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-21674", "sourceIdentifier": "[email protected]", "published": "2026-01-06T02:15:45.503", "lastModified": "2026-01-12T21:02:37.677", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1 and below contain a memory leak vulnerability in its XML MPE Parsing Path (iccFromXml). This issue is fixed in version 2.3.1.1."}, {"lang": "es", "value": "iccDEV proporciona un conjunto de bibliotecas y herramientas para trabajar con perfiles de gestión de color ICC. Las versiones 2.3.1 e inferiores contienen una vulnerabilidad de fuga de memoria en su Ruta de Análisis XML MPE (iccFromXml). Este problema está corregido en la versión 2.3.1.1."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", "baseScore": 3.3, "baseSeverity": "LOW", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW"}, "exploitabilityScore": 1.8, "impactScore": 1.4}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-401"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:color:iccdev:*:*:*:*:*:*:*:*", "versionEndExcluding": "2.3.1.1", "matchCriteriaId": "0E50DFFC-9185-4969-85A7-6D3976699720"}]}]}], "references": [{"url": "https://github.com/InternationalColorConsortium/iccDEV/commit/d7028d8f558bb681efe2b85f02eb4ca374502cbb", "source": "[email protected]", "tags": ["Patch"]}, {"url": "https://github.com/InternationalColorConsortium/iccDEV/issues/241", "source": "[email protected]", "tags": ["Issue Tracking", "Exploit", "Vendor Advisory"]}, {"url": "https://github.com/InternationalColorConsortium/iccDEV/security/advisories/GHSA-xww6-v3vg-4qc7", "source": "[email protected]", "tags": ["Patch", "Vendor Advisory"]}, {"url": "https://github.com/InternationalColorConsortium/iccDEV/issues/241", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Issue Tracking", "Exploit", "Vendor Advisory"]}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.